Open Source Tools

Open Source Container Scanner

Container images bundle layers of someone else's dependencies, and a vulnerability that slipped into a base image weeks ago ships to production unless something catches it first. The open source tools here let you see precisely how images and manifests are evaluated and run that check inside your own pipeline, so you can gate deploys on findings you trust without sending your build artifacts to a third party.

9 container scanner100% OSI-approved licensesUpdated June 2026
Showing 1-9 of 9
Harbor logo

Harbor

Container Scanner
28.7k

Cloud native registry for storing, signing, scanning, and replicating container images and Helm charts

Apache-2.0GoSelf-host
Kubescape logo

Kubescape

Audit Software
11.5k

Kubernetes security platform spanning IDEs, CI/CD pipelines, and live clusters

Apache-2.0GoSelf-host
Clair logo

Clair

Container Scanner
11k

Static analysis for container image vulnerabilities, accessed through an API

Apache-2.0GoSelf-host

Docker Bench for Security

Container Scanner
9.7k

Automated checks for Docker hosts and containers against the CIS Docker Benchmark

Apache-2.0ShellSelf-host
Falco logo

Falco

Security
9k

Cloud native runtime security for Linux that detects abnormal behavior in containers and hosts in real time

Apache-2.0C++Self-host

kube-bench

Audit Software
8.1k

Checks whether Kubernetes is deployed according to the CIS Kubernetes Benchmark

Apache-2.0GoSelf-host

KubeLinter

Audit Software
3.5k

Static analysis for Kubernetes YAML files, Helm charts, and Kustomize manifests

Apache-2.0GoSelf-host
Dockle logo

Dockle

Container Scanner
3.3k

Container image linter that checks images against best practices and CIS Benchmarks

Apache-2.0GoSelf-host
KICS logo

KICS

Container Scanner
2.6k

Static analysis for infrastructure as code that finds security, compliance, and misconfiguration issues

Apache-2.0Open Policy Agent

Related categories

VPN14Vulnerability Scanner12Firewall7Security121Threat Intelligence8