Grype
Definition
Grype is an open-source vulnerability scanner for container images and filesystems. It identifies known vulnerabilities by cataloguing the software packages found in an image or filesystem and matching them against a database of known vulnerabilities. Grype supports various image registries and integrates with CI/CD pipelines, where it provides timely vulnerability reports that can gate a build before an affected image ships.
Secure Settings Example
# Grype configuration file (secure settings)
check-for-app-update: true      # notify when a newer Grype release is available
db:
  auto-update: true             # check for and download vulnerability database updates when Grype runs
  cache-dir: /path/to/cache     # dedicated cache directory that is not world-writable
log:
  level: info                   # normal operational detail
  file: /var/log/grype.log      # keep a persistent record of scans
Insecure Settings Example
# Grype configuration file (insecure settings)
check-for-app-update: false     # new releases, including scanner fixes, go unnoticed
db:
  auto-update: false            # the vulnerability database goes stale, so recently published vulnerabilities are missed
  cache-dir: /tmp               # shared, world-writable directory; cached database files can be altered by other local users
log:
  level: debug                  # more detail than production needs, and noisier logs to review
  file: /dev/null               # scan logs are discarded, leaving no audit trail
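As an added example (not part of Grype or of this page's original content), a POSIX shell audit that flags the weak settings contrasted above in a Grype config file; the two sample files it writes are constructed copies of the configurations shown here, and the key matching assumes the flat two-level layout those examples use.

```shell
#!/bin/sh
# Added example, not part of Grype: audit a Grype config for the weak settings
# contrasted above. Keys are matched textually with sed, so only the flat
# two-level layout used in these examples is understood (no anchors, no quoting).

# cfg_value FILE SECTION KEY: print the value of KEY; SECTION is "" for a
# top-level key or a section name such as db or log for a nested one.
cfg_value() {
  if [ -z "$2" ]; then
    sed -n "s/^$3:[[:space:]]*//p" "$1"
  else  # lines from "SECTION:" to the next unindented key, then the nested key
    sed -n "/^$2:/,/^[^[:space:]#]/p" "$1" | sed -n "s/^[[:space:]]\{1,\}$3:[[:space:]]*//p"
  fi | sed 's/[[:space:]]*#.*$//; s/[[:space:]]*$//' | head -n 1
}

# check_grype_config FILE: print one line per weak setting, return the count (0 = sound).
check_grype_config() {
  n=0
  [ "$(cfg_value "$1" "" check-for-app-update)" = false ] && { echo "check-for-app-update: false (new Grype releases go unnoticed)"; n=$((n+1)); }
  [ "$(cfg_value "$1" db auto-update)" = false ] && { echo "db.auto-update: false (vulnerability database goes stale)"; n=$((n+1)); }
  case "$(cfg_value "$1" db cache-dir)" in
    /tmp|/tmp/*) echo "db.cache-dir under world-writable /tmp"; n=$((n+1)) ;;
  esac
  [ "$(cfg_value "$1" log level)" = debug ] && { echo "log.level: debug (verbose output in production)"; n=$((n+1)); }
  [ "$(cfg_value "$1" log file)" = /dev/null ] && { echo "log.file: /dev/null (no record of scans)"; n=$((n+1)); }
  return $n
}

# Constructed copies of the two configurations shown on this page.
SECURE_CFG=$(mktemp); INSECURE_CFG=$(mktemp)
cat >"$SECURE_CFG" <<'EOF'
check-for-app-update: true
db:
  auto-update: true
  cache-dir: /path/to/cache
log:
  level: info
  file: /var/log/grype.log
EOF
cat >"$INSECURE_CFG" <<'EOF'
check-for-app-update: false
db:
  auto-update: false
  cache-dir: /tmp
log:
  level: debug
  file: /dev/null
EOF
trap 'rm -f "$SECURE_CFG" "$INSECURE_CFG"' EXIT
```

Run `check_grype_config /path/to/.grype.yaml` in a CI step and treat a non-zero return as a failed policy check; the secure file above yields 0 findings and the insecure one yields 5.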