Vulnerability scannerOpen Source

Grype

Container and filesystem vulnerability scanner.

Open-source vulnerability scanner for container images and filesystems, often paired with Syft for SBOM workflows.

Vulnerability ManagementOpen SourceSource availableCommunity voting
Visit site

Overview

What Grype is good for

Open-source vulnerability scanner for container images and filesystems, often paired with Syft for SBOM workflows.

Built for vulnerability management workflows.

Useful when evaluating vulnerability scanner capabilities.

Helpful for containers, sbom, scanner investigations and triage.

Evaluation guide

Quick decision notes

Best fit

Security teams prioritising vulnerabilities with exposure and real-world exploitation signals.

Check before using

Confirm current pricing, data limits, account requirements, and licensing on the official site before production use.

Typical inputs

#containers · #sbom · #scanner

Discovery path

Use the categories, source links, and similar tools below to compare it with nearby options.

Use cases

Where it fits

Security teams prioritising vulnerabilities with exposure and real-world exploitation signals.

Classification

Categories and tags

Vulnerability Management#containers#sbom#scanner

Sources

Official links and checks

Use these links to verify current plans, access requirements, documentation, releases, and support status.

Reviews

Community reviews and comments

Community reviews

Comment provider is not configured yet. This placeholder keeps the review area visible while setup is completed.

Suggest a review

FAQ

Questions about Grype

What is Grype used for?

Grype is used for vulnerability scanner workflows. Open-source vulnerability scanner for container images and filesystems, often paired with Syft for SBOM workflows.

Is Grype free?

The listed pricing model is Open Source. Check the official site for exact plan limits, usage restrictions, and current commercial terms.

Which teams should evaluate Grype?

It is most relevant to teams working across vulnerability management workflows.

What are alternatives to Grype?

Start with the similar tools section on this page. It highlights tools with overlapping categories, tags, and operational use cases.