May 19, 2023, 11:38 p.m. | /u/Complex_Argument_940

cybersecurity www.reddit.com

Hey guys!

I am new to Reddit and also to the DevSecOps concept.

I am looking for recommendations to scan Docker images in CI/CD pipelines. I have looked at the following OSS projects:

* Trivy ([https://github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy))
* Grype ([https://github.com/anchore/grype](https://github.com/anchore/grype))
* Snyk ([https://docs.snyk.io/integrations/ci-cd-integrations/github-actions-integration/snyk-docker-action](https://docs.snyk.io/integrations/ci-cd-integrations/github-actions-integration/snyk-docker-action))

However, I see that all of them show different sets of vulnerabilities, and I'm not sure how to reconcile the security threat without spending too much time on it.
We are mostly a Go and NPM shop and that's what …
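One way to reconcile reports from two of the scanners named in the post, as an added example that is not part of the original post or of either project: normalize each tool's JSON into a common (CVE id, package, installed version) key, merge them, and fail the build only on findings that meet a policy (by default, HIGH or worse with a fix available), sending the rest to a backlog. The sample reports are constructed, and the Trivy and Grype field names are an assumption about their JSON report formats, so check them against the versions you run.

```python
import json
SEVERITY_RANK = {"CRITICAL": 4, "HIGH": 3, "MEDIUM": 2, "LOW": 1, "NEGLIGIBLE": 0, "UNKNOWN": 0}

# Constructed sample reports, not real scan output. The field names follow the Trivy and
# Grype JSON report formats as assumed here; check them against the versions you run.
TRIVY_JSON = """{"Results": [{"Target": "app", "Vulnerabilities": [
 {"VulnerabilityID": "CVE-2023-0001", "PkgName": "golang.org/x/net", "InstalledVersion": "0.5.0", "FixedVersion": "0.7.0", "Severity": "HIGH"},
 {"VulnerabilityID": "CVE-2023-0002", "PkgName": "lodash", "InstalledVersion": "4.17.20", "FixedVersion": "4.17.21", "Severity": "MEDIUM"}]}]}"""
GRYPE_JSON = """{"matches": [
 {"vulnerability": {"id": "CVE-2023-0001", "severity": "High", "fix": {"versions": ["0.7.0"], "state": "fixed"}}, "artifact": {"name": "golang.org/x/net", "version": "0.5.0"}},
 {"vulnerability": {"id": "CVE-2023-0003", "severity": "Critical", "fix": {"versions": [], "state": "not-fixed"}}, "artifact": {"name": "openssl", "version": "1.1.1k"}}]}"""

def normalize_trivy(report):
    """Key each finding by (CVE id, package, installed version) so the tools can be compared."""
    out = {}
    for result in report.get("Results", []):
        for v in result.get("Vulnerabilities") or []:
            key = (v["VulnerabilityID"], v["PkgName"].lower(), v["InstalledVersion"])
            out[key] = {"severity": v.get("Severity", "UNKNOWN").upper(), "fix_available": bool(v.get("FixedVersion"))}
    return out

def normalize_grype(report):
    out = {}
    for m in report.get("matches", []):
        vuln, art = m["vulnerability"], m["artifact"]
        key = (vuln["id"], art["name"].lower(), art["version"])
        out[key] = {"severity": vuln.get("severity", "Unknown").upper(), "fix_available": vuln.get("fix", {}).get("state") == "fixed"}
    return out

def reconcile(*named_reports):
    """Union the findings; keep the highest severity and record which tools reported each one."""
    merged = {}
    for tool, findings in named_reports:
        for key, f in findings.items():
            e = merged.setdefault(key, {"severity": "UNKNOWN", "fix_available": False, "seen_by": []})
            if SEVERITY_RANK.get(f["severity"], 0) > SEVERITY_RANK.get(e["severity"], 0):
                e["severity"] = f["severity"]
            e["fix_available"] = e["fix_available"] or f["fix_available"]
            e["seen_by"].append(tool)
    return merged

def blocking(merged, min_severity="HIGH", fixable_only=True, min_tools=1):
    """Pipeline gate: findings that fail the build under the policy (default: fixable, HIGH or worse)."""
    return sorted(k for k, e in merged.items()
                  if SEVERITY_RANK.get(e["severity"], 0) >= SEVERITY_RANK[min_severity]
                  and (e["fix_available"] or not fixable_only) and len(e["seen_by"]) >= min_tools)

def sample_merged():
    """Merge the constructed Trivy and Grype reports above; the CI job would read real report files instead."""
    return reconcile(("trivy", normalize_trivy(json.loads(TRIVY_JSON))),
                     ("grype", normalize_grype(json.loads(GRYPE_JSON))))
```

With `min_tools=2` the gate only fails on findings both scanners agree on, which trades some coverage for fewer false positives; whichever policy you pick, write it down so the differing tool outputs stop being a per-build argument.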
