Safeguard
Tag

grype

Safeguard articles tagged "grype" — guides, analysis, and best practices for software supply chain and application security.

9 articles

Tools

Best Open Source SCA Tools in 2026 (Tested on a Real Monorepo)

OSV-Scanner, Trivy, Grype, Dependency-Check, and dep-scan, all run against the same 4,300-dependency monorepo. Recall, false positives, and scan times measured.

Apr 26, 20267 min read
Container Security

Container Vulnerability Scanner Buyer Guide 2026

A practical 2026 buyer guide for container vulnerability scanners: detection accuracy, reachability, signed advisories, runtime correlation, and the questions that separate vendors.

Apr 9, 20265 min read
Best Practices

Open Source vs Commercial Security Scanners 2026

When to use Trivy, Grype, and OSV-Scanner versus commercial scanners in 2026: honest tradeoffs, integration realities, and decision criteria.

Apr 9, 20268 min read
Tools

Trivy vs Grype: A Buyer Comparison for 2026

How Trivy 0.58 and Grype 0.85 compare in real-world container scanning: vulnerability coverage, false positive rates, SBOM support, and operational fit.

Apr 8, 20266 min read
Best Practices

How to Scan Docker Images for Vulnerabilities

A production-grade vulnerability scanning pipeline for Docker images using Trivy and Grype, with reachability-based prioritization and admission enforcement.

Mar 17, 20267 min read
Tools

Grype v0.108 Release Notes Walkthrough

Anchore's Grype shipped v0.108.0 in late 2025 with the new vulnerability database v6 schema, distroless support fixes, and a tightened CPE matcher.

Dec 9, 20255 min read
Vulnerability Management

How to Run Grype in Offline/Airgap Environments

A hands-on tutorial for running Grype vulnerability scans in offline and airgapped environments, including vulnerability database hosting and CI integration.

Jan 28, 20255 min read
Container Security

Trivy vs Grype: Container Scanning Head-to-Head

Compare Trivy and Grype on vulnerability database sources, scan speed, OS coverage, SBOM integration, and CI ergonomics to pick the right open source container scanner.

Oct 20, 20235 min read
Tool Comparisons

Trivy vs Grype: Open Source Vulnerability Scanners Compared

A practical comparison of Trivy and Grype for vulnerability scanning, covering detection accuracy, performance, SBOM support, and real-world usage patterns.

Sep 15, 20225 min read
grype — Safeguard Blog