dpndncY
Container Image Scanning
Every layer, every package,
one SBOM.

An OCI tarball parser walks every layer, builds a per-layer SBOM and correlates vulnerabilities across nine in-image ecosystems — with base-image upgrade guidance.

Pillar · Scan

What it does

Per-layer OCI analysis

Walks each layer of an OCI tarball or registry image and attributes packages and vulnerabilities to the layer that introduced them.

OCI tarballRegistry

9 in-image ecosystems

Debian, Alpine, RPM, npm, PyPI, Go, Ruby, PHP and .NET packages correlated against the same vulnerability stack as source scans.

9 ecosystems

Per-layer SBOM

CycloneDX / SPDX SBOM per image, with base-image upgrade guidance so you fix at the root.

SBOMBase-image guidance
9
layer ecosystems

One platform. On your infrastructure.
Every decision signed and verifiable.