vulnerability-scanners

Clair is an open source API-driven vulnerability scanner that performs static analysis of container images, inspecting each layer to identify known security flaws and providing continuous monitoring for container vulnerabilities in OCI and Docker formats.

Trivy is a comprehensive security scanner that detects vulnerabilities, misconfigurations, secrets, and software licenses in containers, filesystems, Git repositories, Kubernetes clusters, and cloud environments.