OpenClarity is an open source, agentless platform for unified detection and management of virtual machine security threats and SBOM analysis in cloud native environments.
OpenClarity is an open source platform built to enhance security and observability of cloud native applications and infrastructure
OpenClarity is designed for security teams and cloud infrastructure operators who need to detect and manage vulnerabilities, leaked secrets, malware, rootkits, and misconfigurations in virtual machines without deploying agents. It provides a unified, pluggable scanning infrastructure that aggregates results from multiple tools to improve visibility and simplify security operations across cloud providers like AWS, Azure, and GCP.
OpenClarity requires no agents on target VMs, simplifying deployment and reducing operational overhead. It integrates multiple open source tools like Syft, Trivy, and Grype for comprehensive scanning. Users should ensure proper configuration of scanning plugins to tailor detection capabilities. Joining the Slack community is recommended for support and staying updated on new features.
Visit https://openclarity.io/docs/getting-started/ for detailed deployment instructions
Choose your preferred cloud provider or environment (AWS, Azure, GCP, Docker)
Follow the step-by-step guide specific to your environment to deploy OpenClarity
Configure the scanning tools and enable/disable them as needed
Join OpenClarity's Slack channel for community support and updatesopenclarity scan --help
Displays help information and usage options for the OpenClarity CLI scanning commands.
openclarity stack deploy
Deploys the full OpenClarity stack for agentless VM security scanning and management.
openclarity cli scan <target>
Runs a scan on the specified target VM or filesystem using the CLI mode.
import "github.com/openclarity/openclarity"
Imports OpenClarity as a Go module for integration into custom Go applications.