One thing I like about this tool is the ease of use when scanning of vulnerabilities. This can easily be deployed with Kubernetes and Docker. Easy to use with enterprise distros like Red Hat. I really like how easy it is to set up on your machine. It takes only a few minutes with a Docker container to launch the platform. Review collected by and hosted on G2.com.
It is an open source tool and not exactly reliable. There are updates that get launched for the tool; but there is no knowing whether the tool is completely up to date. It is not in a stable state for long term use and can require a lot of administration in order to support it. Review collected by and hosted on G2.com.
When updates to vulnerability metadata occur, a notification is sent to alert systems that a change has occurred, and can be therefore fixed. Review collected by and hosted on G2.com.
As a CoreOS Clair user, I'd like to have CoreOS Clair to return vulnerable ancestry changes instead of computing that on Client side. Review collected by and hosted on G2.com.
I like how easy it is to scan containers for vulnerabilities. You can point an image at it and it will give you a full report. Review collected by and hosted on G2.com.
I dislike that it's only static analysis, but it does get the job done. Review collected by and hosted on G2.com.