application-security

Grype

Definition

Grype is an open-source vulnerability scanner for container images and filesystems developed by Anchore. It matches installed packages against multiple vulnerability databases including NVD, GitHub Advisory Database, and OS-specific feeds.

Grype integrates with CI/CD pipelines to block deployments when critical vulnerabilities are detected and pairs with Syft for SBOM-based scanning.

Related Terms

Trivy

SCA

Software Composition Analysis

SBOM

Software Bill of Materials

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product