Anchore
Container security and compliance platform for scanning container images and software supply chains
Open-Source Projects
Discover top open-source software, updated regularly with real-world adoption signals.
Discover top open-source software, updated regularly with real-world adoption signals.
Transparent vulnerability scanning for container images using static analysis
Clair provides automated static analysis of OCI and Docker container images, indexing them via an API to detect known vulnerabilities and give teams clear insight into container security.
Clair is a service that performs static analysis of container images to identify known vulnerabilities. It accepts OCI‑compliant and Docker images, indexes them through a RESTful API, and matches each layer against vulnerability databases. The result is a clear, machine‑readable report that developers and security teams can consume to assess the risk of any image before it runs in production.
The tool is aimed at security engineers, DevOps practitioners, and platform teams that need automated, repeatable scanning as part of CI/CD pipelines or Kubernetes admission controls. Because Clair runs as a standalone service, it can be deployed on‑premises or in any cloud environment, and it integrates easily with existing registries and orchestration platforms. Stable binaries are distributed via the project's releases page, ensuring a reliable production footprint while the main branch remains a development sandbox.
When teams consider Clair, these hosted platforms usually appear on the same shortlist.
Looking for a hosted option? These are the services engineering teams benchmark against before choosing open source.
CI/CD pipeline integration
Automatically fail builds that contain images with known vulnerabilities
Kubernetes admission control
Block deployment of container images that exceed defined CVE thresholds
Periodic security audit
Generate comprehensive reports of all images stored in a registry
Compliance monitoring
Map container images to regulatory vulnerability requirements and alert on violations
Clair can analyze OCI and Docker container images.
Through its RESTful API, you can index images and query for vulnerabilities.
Use the releases page; the main branch may be unstable.
Apache‑2.0.
Join the mailing list, IRC channel, or file issues on GitHub.
Project at a glance
ActiveLast synced 4 days ago
