Vulnerability Scanning

Vulnerability Scanning User Guide

Vulnerability scanning is the automated process of proactively identifying security weaknesses and known exploits within software and systems. This is crucial because it helps developers and organizations find and fix potential security holes before malicious actors can discover and exploit them, thus protecting data and maintaining system integrity.

Grype is an open-source vulnerability scanner specifically designed to analyze container images and filesystems. It works by comparing the software components it finds against a database of known vulnerabilities, providing a report of potential risks so they can be addressed.

  • Get Started - Install Grype, then scan an SBOM and a container image for vulnerabilities.
  • Vulnerability Database - Learn how to manage the vulnerability database used by Grype.

  • Data Sources - Vulnerability Data Sources
  • Getting Started - Vulnerability Scanning Getting Started
  • Publishing the Vulnerability Database - Publishing the Grype Vulnerability Database
  • Vulnerability Database - Using the Grype Vulnerability Database

Last modified September 29, 2025: add python tests and tooling (c00b34a)