Skip to content
@openclarity

OpenClarity

Cloud native application security and observability
OpenClarity logo

OpenClarity is a suite of open source projects built to enhance the security and observability of cloud native applications and infrastructure.

OpenClarity delivers:

  • Agentless detection and managements of vulnerabilities, exploits, malware and misconfigurations for virtual machines and container images
  • Capabilities for runtime scans of Kubernetes and CI/CD pipelines
  • Comprehensive API security for internal and third-party APIs

Useful links

Website | Docs | Slack | Contributing guide | Security procedures | Code of Conduct

See more details

VM Security

VMClarity is a tool for agentless detection and management of virtual machine Software Bill Of Materials (SBOM) and security threats such as vulnerabilities, exploits, malware, rootkits, misconfigurations, and leaked secrets.

vm-clarity-diagram

Key Capabilities:

  • SBOM analysis
  • Package and OS vulnerability detection
  • Exploit detection
  • Leaked secret detection
  • Malware detection
  • Misconfiguration detection
  • Rootkit detection

Kubernetes Security

KubeClarity is a tool for detection and management of software bills of materials (SBOMs) and vulnerabilities in container images and filesystems. It scans both runtime Kubernetes clusters and CI/CD pipelines for enhanced software supply-chain security.

kube-clarity-diagram

Key Capabilities:

  • SBOM and vulnerability detection
  • Comprehensive dashboard for SBOM analysis
  • Pluggable architecture

API Security

APIClarity is a tool that helps you visualize and identify potential risks around API usage in your cloud native environments. It helps build the OpenAPI specifications for all APIs in your environment, then helps track drift, shadow or zombie usage for those APIs. You can then use this information to build your application security posture.

api-clarity-diagram

Key Capabilities:

  • Quick and easy API visibility and analysis
  • Comprehensive dashboard to monitor APIs
  • Designed for developers, loved by security teams

Pinned Loading

  1. openclarity openclarity Public

    OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructure

    Go 1.4k 166

  2. docs.openclarity.io docs.openclarity.io Public

    docs.openclarity.io

    HTML 2 4

Repositories

Showing 10 of 21 repositories
  • freshclam-mirror Public

    A private ClamAV freshclam mirror server which periodically syncs signatures using freshclam.

    openclarity/freshclam-mirror’s past year of commit activity
    Dockerfile 2 Apache-2.0 1 0 0 Updated Nov 23, 2024
  • openclarity Public

    OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructure

    openclarity/openclarity’s past year of commit activity
    Go 1,352 Apache-2.0 166 56 (6 issues need help) 11 Updated Nov 19, 2024
  • yara-rule-server Public

    YARA rule server download and compile rules into one binary file.

    openclarity/yara-rule-server’s past year of commit activity
    Go 1 Apache-2.0 0 0 2 Updated Nov 8, 2024
  • grype-server Public

    Running Grype scanner as a containerized service

    openclarity/grype-server’s past year of commit activity
    Go 12 Apache-2.0 3 0 1 Updated Nov 8, 2024
  • docs.openclarity.io Public

    docs.openclarity.io

    openclarity/docs.openclarity.io’s past year of commit activity
    HTML 2 Apache-2.0 4 0 0 Updated Nov 7, 2024
  • vmclarity Public archive

    VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities

    openclarity/vmclarity’s past year of commit activity
    Go 101 Apache-2.0 22 0 (7 issues need help) 0 Updated Oct 14, 2024
  • kubeclarity Public archive

    KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems

    openclarity/kubeclarity’s past year of commit activity
    Go 32 Apache-2.0 4 16 0 Updated Oct 14, 2024
  • apiclarity Public

    An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API security risks. 

    openclarity/apiclarity’s past year of commit activity
    Go 515 Apache-2.0 63 27 25 Updated Oct 8, 2024
  • vmclarity-tools-base Public

    base image with scanner tools for VMClarity

    openclarity/vmclarity-tools-base’s past year of commit activity
    Dockerfile 1 Apache-2.0 1 0 2 Updated Sep 9, 2024
  • .github Public

    Org-wide GitHub configurations

    openclarity/.github’s past year of commit activity
    0 Apache-2.0 9 2 0 Updated Aug 14, 2024