Integrate Grype with Vulnetix. Scan container images, directories, and SBOMs for known vulnerabilities.
CLI toolSARIFCycloneDX
Install & scan
$ go install github.com/anchore/grype/cmd/grype@latest $ grype dir:. -o sarif --file grype.sarif
Run Anchore Grype in CI
Scan on every push and upload the results to Vulnetix:
- name: Install Grype
run: |
curl -sSfL https://get.anchore.io/grype | sh -s -- -b /usr/local/bin
- name: Run Grype
run: grype dir:. -o sarif --file grype.sarif --fail-on high
- name: Upload to Vulnetix
run: vulnetix upload --file grype.sarif
Centralise Anchore Grype results in Vulnetix
Upload Anchore Grype SARIF, CycloneDX output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.