Clair is a vulnerability analysis tool for containers that was just released by CoreOS.
CoreOS is the same outfit that’s behind the development of the rkt container runtime, as well as CoreOS Linux, a container-native operating system.
Clair is an open source project hosted on GitHub, so it’s open to anybody with the skills to contribute.
From the release announcement:
… Clair, a tool to monitor the security of your containers. Clair is an API-driven analysis engine that inspects containers layer-by-layer for known security flaws. Using Clair, you can easily build services that provide continuous monitoring for container vulnerabilities. CoreOS believes tools that improve the security of the world’s infrastructure should be available for all users and vendors, so we made the project open source. With that same purpose, we welcome your feedback and contributions to the Clair project.
Learn more about Clair and how it works from the complete release announcement.