Best 12 Containers static analysis tools

Discover, analyze, and certify container images.

Vulnerability Static Analysis for Containers.

Automated code review tool integrates with GitHub, Bitbucket and GitLab (even self-hosted). Available for JavaScript, TypeScript, Python, Ruby, Go, PHP, Java, Docker, and more. (open-source free)

Run arbitrary scripts inside containers, and gather useful information.

Perform static analysis of known vulnerabilities in docker images/containers.

Lint and validate Dockerfile labels.

Combination of multiple linters to install as a GitHub Action.

A smarter Dockerfile linter that helpsyou build best practice Docker images.

Static code analysis of your Kubernetes object definitions.

Validates your Kubernetes configuration files and supports multiple Kubernetes versions.

Container native application protection to provide visibility and control of containerized applications.

Vulnerability scanner for dependencies of node.js apps (free for Open Source Projects).