Enable javascript in your browser for better experience. Need to know to enable it? Go here.
Veröffentlicht : Mar 29, 2022
Mar 2022
Assess ? Worth exploring with the goal of understanding how it will affect your enterprise.

Securing the software supply chain has become a commonplace concern among delivery teams, a concern that is reflected by the growing number of new tools in this space. Grype is a new lightweight vulnerability scanning tool for Docker and OCI images. It can be installed as a binary, can scan images before they're pushed to a registry, and it doesn't require a Docker daemon to run on your build agents. Grype comes from the same team that is behind Syft, which generates SBOMs in various formats from container images. Grype can consume the SBOM output of Syft to scan for vulnerabilities.

Radar

Download Technology Radar Volume 26

English | Español | Português | 中文

Radar

Stay informed about technology

 

Subscribe now

Visit our archive to read previous volumes