Grype
Readiness Level
Intermediate
Related topics:
CISA does not endorse any commercial product or service. CISA does not attest to the suitability or effectiveness of these services and resources for any particular use case. Any reference to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply their endorsement, recommendation, or favoring by CISA.
Description
Grype is an open source vulnerability scanner for container images and filesystems that can be used to find zero day vulnerabilities such as log4j.