Container & Kubernetes Security Scanning 2026 Complete Guide - Trivy, Grype, Snyk Container, Anchore, Clair, Falco, Kubescape, Datree, Polaris, Tetragon Deep Dive

"More than 70% of container images contain at least one known high-severity CVE. In 2026, container security is no longer a 'whether to scan' question — it is a 'where in the pipeline, with which tool, and how to automate' question." — Sysdig 2025 Cloud-Native Security Report

Container security scanning has evolved explosively since Clair (2015) and the first Trivy release (2019). As of May 2026, there is no longer a single "image scanner" category. The industry has split into five branches — image vulnerability scanning (SCA), runtime security, K8s misconfig scanning, supply-chain security, and CNAPP — and each branch is itself divided into open-source and commercial camps.

This guide covers the entire surface in one place: Trivy, Grype, Syft, Clair, Snyk Container, JFrog Xray, Sysdig Secure, Wiz, Orca, Prisma Cloud, Aqua, and CrowdStrike Falcon Cloud Security on the SCA/CNAPP side; Falco, Tetragon, and Tracee for eBPF-based runtime security; Kubescape, Datree, kube-bench, kube-hunter, Polaris, kube-score, and Checkov for K8s misconfiguration; Cosign, Sigstore, Rekor, Fulcio, SLSA, and in-toto for supply chain; CycloneDX and SPDX as SBOM formats; and Chainguard, Distroless, and Wolfi as hardened base images.

1. The 2026 Container Security Map - Four Domains Plus CNAPP

Container security is often shorthanded as "image scanning," but the real 2026 surface area splits into four domains.

On top of these four sits CNAPP (Cloud-Native Application Protection Platform) — an integrated category that unifies all four above with CSPM (Cloud Security Posture Management) and CIEM (Cloud Infrastructure Entitlement Management) in a single console. Wiz, Prisma Cloud, Orca Security, Sysdig Secure, Lacework, and CrowdStrike Falcon Cloud Security dominate this segment.

In 2026, almost every security team uses a hybrid strategy: open-source tools to gate the build pipeline, and one or two CNAPPs to cover runtime and the broader cloud. Teams that try to cover everything with free OSS or everything with a single CNAPP are increasingly rare.

2. How Image Vulnerability Scanners Work - SCA (Software Composition Analysis)

Image vulnerability scanning is essentially a two-step process.

1. Inventory — extract a list of every OS package (apt/apk/rpm) and language library (npm, pip, Maven, Go modules) in the image.
2. CVE matching — match that inventory against CVE databases (NVD, OSV, GHSA, Red Hat OVAL).

Step 1's output is effectively an SBOM (Software Bill of Materials), and Syft, Trivy, and Snyk Container all do roughly the same thing internally. Differences come from CVE database breadth, matching accuracy, false-positive handling, and bonus features (config scanning, secret detection, license analysis).

CVE databases are not unified either. NVD (NIST, US), OSV (Google), GHSA (GitHub Security Advisories), Red Hat OVAL, Alpine SecDB, CNNVD (China), and JVN (Japan) all update at different cadences, and each tool merges them into its own backend. Trivy pulls Aqua's curated vulnerability DB from GHCR; Grype uses Anchore's grype-db.

3. Trivy 0.58 (Aqua Security) - The OSS Standard

Trivy started in 2019 as the side project of a Japanese developer (masahiro331), was acquired by Aqua Security shortly after, and by 2026 has effectively become the de facto CNCF-recommended OSS scanner. 22,000+ GitHub stars, Apache 2.0 license, with 0.58.x as the mainstream stable line in late 2025.

Trivy's strength is that a single binary covers nearly everything.

• OS packages (Alpine, Debian, Ubuntu, RHEL, CentOS, Photon, Oracle, Wolfi, Chainguard, Bottlerocket, Amazon Linux 2/2023)
• Language libraries (npm, yarn, pnpm, pip, Poetry, Pipenv, Maven, Gradle, Go modules, Cargo, Composer, NuGet, Bundler, Conan)
• IaC configs (Dockerfile, Kubernetes YAML, Terraform/OpenTofu, CloudFormation, Helm Chart, Kustomize)
• Secrets (AWS access keys, GCP service accounts, GitHub tokens, ~100 patterns)
• Licenses (GPL/AGPL/MIT/Apache classification)
• SBOM generate/consume (CycloneDX, SPDX)

Basic usage is dead simple.

# Image vulnerability scan
trivy image ghcr.io/myorg/api:1.2.3

# Filesystem (scan build artifacts in CI)
trivy fs --severity HIGH,CRITICAL .

# Whole-cluster Kubernetes scan
trivy k8s --report=summary cluster

# IaC scan
trivy config ./deploy/

# SBOM generation (CycloneDX)
trivy image --format cyclonedx --output sbom.cdx.json myimage:tag

In CI pipelines, --exit-code 1 --severity CRITICAL --ignore-unfixed is the standard combination — only CRITICAL CVEs that actually have a fix will fail the build, which cuts false-positive fatigue dramatically.

4. Grype + Syft (Anchore) - SBOM-first Architecture

Anchore's Grype and Syft are Trivy's closest competitors. Both are Apache 2.0, with a slightly different philosophy.

• Syft: inventory → SBOM generation
• Grype: SBOM → CVE matching

This separation maps cleanly onto an SBOM-first workflow. CI generates an SBOM once with Syft, and the same SBOM can later be re-scanned multiple times with Grype. When a new zero-day CVE drops, you can evaluate the blast radius immediately by re-matching the existing SBOM, without rebuilding the image.

# Generate SBOM with Syft
syft myimage:latest -o cyclonedx-json > sbom.json

# Scan the SBOM with Grype
grype sbom:./sbom.json

# Or scan the image directly
grype myimage:latest

Trivy supports a very similar workflow today, but the Anchore camp has treated SBOM as a first-class object from day one, which makes integration with SLSA, in-toto, and Cosign attestations feel more natural. As the US government (NIST SP 800-218 SSDF, EO 14028) moves toward mandatory SBOM, Syft adoption is climbing fast.

5. Clair v4 (Quay / Red Hat) - The Registry-embedded Scanner

Clair is the oldest open-source container scanner, originally built by CoreOS (now Red Hat) in 2015. As of 2026, v4 is the stable line, hosted on GitHub under Apache 2.0.

Clair's distinguishing trait is the "scanner library plus HTTP server" architecture. Rather than being used as a standalone CLI, it is typically embedded in container registries — Quay, Harbor, and parts of JFrog Artifactory. Quay scans every image automatically on push and surfaces results in its UI.

• Pros: clean registry integration, tight coupling with OpenShift/Red Hat, separation of indexing and matching for horizontal scaling
• Cons: weak standalone-CLI ergonomics compared to Trivy/Grype, no built-in IaC/secret/SBOM features
• Where you see it: Red Hat OpenShift Quay, parts of IBM Cloud Container Registry

Outside Red Hat-flavoured environments, Trivy is the default first choice. Inside OpenShift-standardized organizations (mostly finance and telco), Clair is still the default.

6. Snyk Container - The Commercial SCA Flagship

Snyk, founded in the UK in 2015, crossed $900M ARR in 2024 and is the flagship commercial SCA vendor. They offer Snyk Open Source (library vulns), Snyk Container (images), Snyk IaC (Terraform/K8s), and Snyk Code (SAST) in a single console.

Snyk Container has two main strengths.

1. Fix Advice: rather than dumping a CVE list, it makes specific recommendations like "switch the base image from X to Y to eliminate 5 CRITICALs."
2. Snyk Vulnerability Database: a curated proprietary DB that is typically days to weeks ahead of NVD.

Pricing as of May 2026: the Team plan starts at about $98 per developer per month, Enterprise is custom-quoted. The free plan allows up to 200 scans per month, which is plenty for personal projects and small teams.

Where Snyk really pulls ahead of Trivy is the alerting, ticketing, and management console. Jira, Slack, MS Teams integrations, automatic prioritization, license analysis, and policy management are far deeper. A common split is: Trivy for the build gate, Snyk for downstream operational follow-up.

7. JFrog Xray, Sysdig Secure, and Aqua Security - Commercial Big Three

Commercial container security has been a four-horse race for years (Snyk, Aqua, Sysdig, Twistlock/Prisma Cloud), and 2026 is no different.

• JFrog Xray — fused with JFrog Artifactory. If you already run Artifactory, Xray is the natural pick. Integrated SCA, license, CVE, and OSS compliance.
• Sysdig Secure — the commercial parent of Falco. Strongest in runtime security and includes image and IaC scanning. eBPF-driven deep visibility is the differentiator.
• Aqua Security — parent company of Trivy. Bundles open-source Trivy with commercial CSPM/CWPP, runtime, and supply-chain. Tracee (eBPF runtime) is also Aqua's project.

All three sit in roughly the same price band as Snyk (about $50–$200 per developer/node/month), with significant variance based on environment size. As Wiz, Prisma Cloud, and Orca rise as CNAPPs, the Big Three are also expanding into CNAPP territory, but their flavor remains "runtime plus image scanning" first.

8. Falco (CNCF) - The eBPF Runtime Standard

Falco was created by Sysdig in 2016, donated to CNCF in 2018, and graduated in February 2024. Apache 2.0 license. It monitors syscalls, K8s audit events, and cloud events in real time using eBPF or a kernel module.

Representative rules:

• A shell is spawned inside a container
• A privileged container is created
• A container writes to host filesystem paths (/etc, /proc)
• An unexpected outbound port is opened
• A binary executes from an unusual location (/tmp, /dev/shm)

Rules are YAML and ship with about 100 default rules including MITRE ATT&CK mappings.

- rule: Shell in Container
  desc: Notice shell activity within a container
  condition: >
    spawned_process and container
    and shell_procs
    and proc.tty != 0
    and container_entrypoint
  output: >
    Shell spawned in a container
    (user=%user.name container_id=%container.id image=%container.image.repository)
  priority: WARNING
  tags: [container, shell, mitre_execution]

Falco's output flows to stdout, syslog, Kafka, HTTP webhooks, or Falco Sidekick (which fans out to Slack/PagerDuty/SIEM). The operational pain point is noise tuning — the first one or two weeks of default rules tend to be a false-positive bomb, so allowlist work is essential.

9. Tetragon (Isovalent / Cilium) - The Next-gen eBPF Runtime

Tetragon is the eBPF-based runtime security plus observability tool from Isovalent (creators of Cilium, acquired by Cisco in 2024). Apache 2.0, part of the CNCF Cilium project.

Differences from Falco:

• Tetragon enforces as well as detects — eBPF can outright reject a syscall.
• It composes naturally with Cilium network policy, unifying L3/L4/L7 traffic visibility with syscall visibility under one data model.
• Its TracingPolicy CRD is a more K8s-native rule model than Falco's YAML rules.
• Performance overhead is reportedly lower (vendor claim, real numbers depend on workload).

As of May 2026, Tetragon's adoption is still smaller than Falco's, but it is the natural next step for organizations already running Cilium and is spreading quickly. The Cisco acquisition of Isovalent strengthened commercial support (Isovalent Enterprise) substantially.

10. Tracee (Aqua Security) - Trivy's Runtime Sibling

Tracee is Aqua Security's other eBPF-based runtime security tool. Apache 2.0, with v0.21.x being the stable mainstream line in 2026.

Tracee's distinguishing trait is its forensic orientation. Beyond simple alerting, it captures rich syscall sequences, process trees, and file-access patterns, which is invaluable for post-incident analysis. Its ~100 built-in signatures cover threats like cryptominers, fileless attacks, container escapes, and kernel exploits.

A simple decision guide among Falco / Tetragon / Tracee:

• Cilium-based clusters → Tetragon is the natural fit
• Already running Sysdig Secure → Falco is the backend
• Aqua Trivy/Aqua Enterprise stack → Tracee is the runtime partner
• Anything else? Start with Falco — the community is largest and the ruleset is the richest

11. Kubescape (Armo) - Mapped to the NSA Hardening Guide

The lead K8s misconfig scanner is Kubescape, originally open-sourced by Israeli vendor Armo in 2021. It entered CNCF Sandbox in 2022 and graduated to Incubating in November 2023. Apache 2.0.

Kubescape's biggest differentiator is first-class mapping to the NSA/CISA Kubernetes Hardening Guide and MITRE ATT&CK for Containers. Reports do not just say "this is a best-practice violation" — they tag each finding with the corresponding NSA control and ATT&CK technique.

# Whole-cluster scan
kubescape scan

# Specific framework
kubescape scan framework nsa
kubescape scan framework mitre
kubescape scan framework cis-eks-t1.2.0

# Manifest scan (CI)
kubescape scan ./deploy/

As of May 2026, Kubescape is evolving into something close to a free CNAPP, adding in-cluster Operator mode, Helm chart scanning, automatic Network Policy generation, and attack-path analysis. Armo also offers Armo Platform as a commercial SaaS.

12. kube-bench, kube-hunter, kube-score, and Polaris - The CIS Benchmark Four

Aqua's kube-bench is the oldest tool that automatically checks the CIS Kubernetes Benchmark. It inspects kubelet, apiserver, and etcd settings on each node and produces a CIS Pass/Fail report. Dedicated profiles exist for managed clusters (EKS, GKE, AKS).

kube-hunter, another Aqua project, is a pentest-style scanner that actively probes for exposed weaknesses from outside and inside the cluster. However, it has been archived since 2024 with no new features, so new adoption is discouraged.

kube-score by Zegl is a static manifest analyzer that flags best-practice violations like "Pod has no securityContext", "ResourceLimits missing", "ImagePullPolicy is not Always". A lightweight gate that fits CI nicely.

Polaris (Fairwinds, 2018) covers a similar K8s-best-practice space but ships both an in-cluster Dashboard mode and an Admission Controller mode, which is more operations-friendly. Fairwinds Insights is its commercial SaaS.

The four overlap, but the typical pairing is: CIS benchmark with kube-bench, workload static analysis with kube-score plus Polaris, comprehensive posture with Kubescape.

13. Datree - A Short-lived Policy-as-Code Star

Datree appeared in 2020 as a K8s policy-as-code scanner and briefly drew attention as a "GitOps-friendly OPA alternative." Defining policies as YAML and validating manifests against them was very intuitive.

GitLab acquired Datree in December 2023 and open-source activity essentially halted by 2024. As of 2026, new adoption is not recommended. The space has effectively been absorbed by OPA Gatekeeper, Kyverno, and Kubescape.

Datree's policy-as-code model itself survives, though, influencing Kubescape's Control Library and Kyverno ClusterPolicy. The name is worth remembering for historical context.

14. Checkov (Palo Alto Networks / Bridgecrew) - The IaC Scanner Leader

Checkov is the IaC scanner from Bridgecrew, acquired by Palo Alto Networks in 2021 and folded into Prisma Cloud. Apache 2.0 open source. It covers nearly every IaC format in one binary: Terraform, CloudFormation, Kubernetes, Helm, Kustomize, Dockerfile, ARM, Bicep, Serverless.

# Scan a Terraform directory
checkov -d ./terraform/

# Scan a single K8s manifest
checkov -f ./deploy/web.yaml

# SARIF output (GitHub Code Scanning integration)
checkov -d . -o sarif > checkov.sarif

Checkov and Trivy Config overlap exactly, but Checkov has a far richer ruleset (800+). On the other hand, Trivy wins on single-binary footprint. Many organizations run both in parallel inside CI.

15. OPA Gatekeeper and Kyverno - The Admission Control Duopoly

Separate from scanning, the two standards for blocking entry to the cluster are OPA Gatekeeper and Kyverno.

• OPA Gatekeeper — CNCF Graduated. Policies in Rego DSL. Most expressive, but a steep learning curve.
• Kyverno — CNCF Graduated in 2024. Policies in YAML. Supports K8s manifest mutation as well. Very gentle learning curve.

If scanners (Trivy/Kubescape/Checkov) act at "code review time," Gatekeeper and Kyverno act as the "runtime gate." You need both for genuine defense-in-depth. For new adoptions in 2026, Kyverno has overtaken OPA Gatekeeper in popularity.

16. Sigstore - Cosign, Rekor, and Fulcio for Supply-chain Signing

The de facto supply-chain security standard is the Linux Foundation's Sigstore project. Three components are core.

• Cosign — the CLI for signing and verifying images and artifacts.
• Fulcio — a certificate authority that issues short-lived X.509 certs from an OIDC identity.
• Rekor — a tamper-evident transparency log that records every signature.

Cosign's killer feature is keyless signing. Instead of stashing a private key, the developer presents a GitHub Actions OIDC token to Fulcio, gets a short-lived certificate on the spot, and signs with it. The signature itself is recorded in Rekor forever.

# Sign (keyless from GitHub Actions)
cosign sign --yes ghcr.io/myorg/api:1.2.3

# Verify
cosign verify ghcr.io/myorg/api:1.2.3 \
  --certificate-identity-regexp='^https://github.com/myorg/' \
  --certificate-oidc-issuer='https://token.actions.githubusercontent.com'

# Attach an SBOM attestation
cosign attest --predicate sbom.cdx.json \
  --type cyclonedx \
  ghcr.io/myorg/api:1.2.3

As of May 2026, GitHub Container Registry, Google Artifact Registry, and AWS ECR all recognize Sigstore signatures, and Kyverno and OPA Gatekeeper can enforce signature verification at admission.

17. SLSA and in-toto - Supply-chain Trust Frameworks

SLSA (Supply-chain Levels for Software Artifacts, pronounced "salsa") is the supply-chain trust framework Google open-sourced in 2021. v1.0 in 2023, v1.1 in 2025, currently operated by OpenSSF.

SLSA defines build-environment integrity in four levels.

• L1 — scripted build with recorded provenance.
• L2 — hosted build system with authenticated provenance.
• L3 — isolated build, non-falsifiable provenance.
• L4 — two-person review, reproducible build.

in-toto is SLSA's standard data format, encoding the metadata of each build step (who, when, what) as signed JSON. Cosign's cosign attest produces in-toto attestations under the hood and registers them in Rekor.

GitHub Actions has supported automatic SLSA L3 build provenance attestation since 2024, and as of May 2026 most major open-source projects (Kubernetes, Cilium, Istio) ship releases with L3 attestation attached.

18. CycloneDX and SPDX - The Two SBOM Formats

SBOM standards split into two camps.

• CycloneDX (OWASP, 2017) — XML/JSON, security-flavored. Integrated with VEX (Vulnerability Exploitability eXchange).
• SPDX (Linux Foundation, 2010) — Tag-Value/JSON/YAML, license-flavored. ISO/IEC 5962:2021 international standard.

Trivy, Syft, and Snyk Container can all emit both. Pragmatic guidance:

• Security-centric (vulnerability tracking, VEX) → CycloneDX
• License/compliance-centric → SPDX
• US federal procurement → either works, but SPDX is the safer pick

NIST SP 800-218 SSDF and the EU Cyber Resilience Act (CRA, in force 2024, enforced 2027) both mandate SBOM, so whichever you pick, SBOM has become a standard build artifact in 2026.

19. The CNAPP Big Five - Wiz, Prisma Cloud, Orca, Sysdig, Lacework

Five vendors dominate the commercial CNAPP market as of May 2026.

• Wiz — Israeli startup, $12B valuation in 2024, agentless scanning is the differentiator. A 2025 Google acquisition was rumored but did not close.
• Prisma Cloud (Palo Alto Networks) — the giant, built from Twistlock (2019), Bridgecrew (2021), and RedLock acquisitions. Broadest coverage.
• Orca Security — Israeli, agentless via "SideScanning" technology that analyzes cloud assets without agents.
• Sysdig Secure — built on Falco, strongest in runtime with agent-based deep visibility.
• Lacework — data-model-driven anomaly detection, acquired by Fortinet in 2024.

Fast followers include CrowdStrike Falcon Cloud Security (the EDR leader expanding into cloud), Aqua CSPM, Microsoft Defender for Cloud, and Datadog Cloud Security Management.

CNAPP selection is heavily anchored to "which cloud security or monitoring vendor are you already using." A Datadog shop tends to pick Datadog CSPM; an Azure-centric organization tends to land on Defender for Cloud first.

20. CSPM vs CWPP vs CIEM - Three Acronyms Inside CNAPP

CNAPP packages three sub-categories.

• CSPM (Cloud Security Posture Management) — checks for cloud misconfigurations (S3 public, overly broad IAM).
• CWPP (Cloud Workload Protection Platform) — protects host, container, and serverless runtime workloads.
• CIEM (Cloud Infrastructure Entitlement Management) — analyzes and right-sizes IAM/RBAC permissions.

The 2026 CNAPP absorbs all three and is steadily expanding to Code Security (SAST), Container Security, Kubernetes Security Posture Management (KSPM), and Data Security Posture Management (DSPM). The pitch is to end the "30-tools era" with one console.

CNAPP cannot truly cover everything, though. Deep SAST is still owned by Snyk Code, Semgrep, and Checkmarx; OSS license analysis by FOSSA and Black Duck; secret scanning by GitGuardian. CNAPP handles the broad baseline while category-specific tools provide depth.

21. Image Hardening - Chainguard, Distroless, Wolfi, Bitnami Secure

Scanning alone is not enough. Making base images small and safe by construction — image hardening — is another big 2026 trend.

• Distroless (Google, 2017) — static images with only the runtime, no shell or package manager. gcr.io/distroless/static, gcr.io/distroless/java21. With no shell, exec-based compromise is essentially impossible.
• Wolfi (Chainguard, 2022) — an apk-based distribution that embraces the distroless philosophy while keeping general package-manager compatibility, small and clean.
• Chainguard Images (2022+) — commercial Wolfi-based image catalog. Around 1,000 images are built daily targeting zero CVEs. A free Developer tier exists.
• Bitnami Secure Images (Broadcom, 2024) — Broadcom's secure image line launched after the Bitnami acquisition.
• Mariner Linux (Microsoft, now Azure Linux) — Microsoft's container-friendly minimal Linux. Also used as the AKS node OS.
• Alpine Linux — the oldest minimal image, with musl libc and apk. Some glibc-related issues push higher-tier environments toward distroless/Wolfi.
• Red Hat UBI (Universal Base Image) — Red Hat's freely redistributable enterprise-friendly base.

Switching the base image to Distroless or Wolfi often drops Trivy's CVE count by dozens or hundreds. Some organizations enforce an "allowed base images" policy as the entire opening play.

22. CI/CD Integration - GitHub Actions, GitLab CI, Argo Workflows

Almost every scanning tool ships clean GitHub Actions and GitLab CI components. A representative pattern:

# .github/workflows/security.yml
name: container-security
on:
  push:
    branches: [main]
  pull_request:

jobs:
  trivy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Build image
        run: docker build -t myapp:${{ github.sha }} .
      - name: Trivy scan (image)
        uses: aquasecurity/trivy-action@0.28.0
        with:
          image-ref: 'myapp:${{ github.sha }}'
          severity: 'CRITICAL,HIGH'
          exit-code: '1'
          ignore-unfixed: true
          format: 'sarif'
          output: 'trivy.sarif'
      - name: Trivy config (IaC)
        uses: aquasecurity/trivy-action@0.28.0
        with:
          scan-type: 'config'
          severity: 'CRITICAL,HIGH'
          exit-code: '1'
      - name: Upload SARIF
        if: always()
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: 'trivy.sarif'

Operational tips:

• --ignore-unfixed is almost mandatory to avoid failing builds for unfixable findings.
• Start at severity: CRITICAL,HIGH; if false positives pile up, demote MEDIUM to report-only (non-blocking).
• Upload results as SARIF to GitHub Code Scanning or GitLab Security Dashboard.
• For PR comment bots, you can self-host with reviewdog plus Trivy.

23. Korean Adoption - AhnLab CloudSec, Snyk Korea, NAVER Cloud, Toss

Container security adoption in Korea is moving fast.

• AhnLab CloudSec — AhnLab's CNAPP line, launched in 2024, unifies CSPM, CWPP, and CIEM with strong domestic financial and public-sector compliance fit.
• Snyk Korea — local entity established in 2023, adopted by many major Korean IT firms; used in parts of Kakao, NAVER, and Coupang.
• NAVER Cloud Container Security — NAVER Cloud Platform's container registry (NCR) ships built-in scanning powered by Trivy.
• Kakao Korea Container Hardening — Kakao runs its own internal hardened base images plus a Trivy gate.
• Toss — published container security standardization talks in 2024–2025 (NHN FORWARD, Toss SLASH), reportedly using Trivy + Kyverno + Falco plus custom admission policies.
• Samsung SDS — Brity Cloud's container security line, with its own EAL-certified container platform.
• LG CNS / SK C&C — large Korean SIs that maintain their own container security frameworks.

KISA ISMS-P certification, FSI guidelines, and public-sector ISMS requirements often mean global CNAPPs alone are insufficient, so hybrid local-plus-global stacks are common.

24. Japanese Adoption - Mercari, Yahoo!Japan, LINE, CyberAgent

Japanese container security adoption is also very active.

• Mercari — on GKE since 2018, adopting Trivy from 2021; publicly disclosed Wiz adoption in 2024 (Mercari Engineering Blog).
• Yahoo!Japan (now LY Corporation) — runs Falco at very large scale with custom rulesets and an internal SaaS-like platform.
• LINE Yahoo — security standards integration ongoing post-merger, using Trivy plus Falco plus an internal IaC gate.
• CyberAgent — runs GKE/EKS across AbemaTV and Ameba, with publicly disclosed Kubescape plus Trivy adoption.
• DeNA, GREE — adopted Aqua/Sysdig for gaming and mobile workload protection.
• NTT Communications — has its own CNAPP line aimed at the Japanese government and telco market.

PCI-DSS and ISMAP (Japanese government cloud) requirements drive fast adoption, with an "OSS plus Japanese SaaS" hybrid as the standard configuration.

25. Pricing - OSS at $0, Snyk$98+/dev, CNAPPs (Wiz/Orca) Quote-only

Pricing intuition as of May 2026.

A realistic starting point for most organizations is "Trivy plus Falco plus Kubescape, all free" for build and runtime basics, then consider CNAPP or Snyk as you grow. Jumping straight to Wiz can incur tens of thousands of dollars per year immediately, so staged adoption is the norm.

26. The 2027 Outlook - AI Auto-triage, eBPF Standardization, Mandatory SBOM

Three trends are clear past 2026.

1. AI auto-triage — Snyk, Wiz, and Sysdig all ship LLM-based CVE false-positive classification and auto-fix PR generation. Trivy is also deepening integration with GitHub Copilot Security on the OSS side.
2. eBPF standardization — Falco, Tetragon, and Tracee end up emitting similar signals in different shapes; OpenTelemetry and the eBPF Foundation are working toward a standard event schema.
3. Mandatory SBOM — US EO 14028, NIST SSDF, EU CRA (enforced 2027), and KISA guidelines together make SBOM attachment a de facto procurement requirement around 2027.

Expansion beyond containers also accelerates — serverless function scanning, Wasm module scanning, and AI-model artifact scanning (Hugging Face model cards, ML SBOM) are being absorbed as new CNAPP modules.

Conclusion - A Four-layer Defense Strategy

Container security in 2026 is not a single tool but a four-layer defense.

1. Dev/build gate — Trivy (image plus IaC) plus Checkov plus kube-score, fail the build on CRITICAL/HIGH.
2. Registry / supply chain — Cosign signatures, SLSA L3 builds, attached SBOM, Rekor transparency.
3. Cluster entry — OPA Gatekeeper or Kyverno admission gates that reject unsigned or privileged images.
4. Runtime — Falco/Tetragon/Tracee for behavioral detection, with a CNAPP like Sysdig/Wiz tying it together at the top.

If you block once at each step, a breach at one layer is caught at the next. The "one image scanner is enough" era is over. Start small if you must, but plan to stand up all four layers over the next one to two years — that is the 2026 answer to container security done right.

References

• Trivy docs — https://trivy.dev/
• Aqua Trivy GitHub — https://github.com/aquasecurity/trivy
• Anchore Grype — https://github.com/anchore/grype
• Anchore Syft — https://github.com/anchore/syft
• Clair v4 (Quay) — https://github.com/quay/clair
• Snyk Container — https://snyk.io/product/container-vulnerability-management/
• JFrog Xray — https://jfrog.com/xray/
• Sysdig Secure — https://sysdig.com/products/secure/
• Aqua Security — https://www.aquasec.com/
• Wiz — https://www.wiz.io/
• Orca Security — https://orca.security/
• Prisma Cloud (Palo Alto Networks) — https://www.paloaltonetworks.com/prisma/cloud
• CrowdStrike Falcon Cloud Security — https://www.crowdstrike.com/platform/cloud-security/
• Falco (CNCF) — https://falco.org/
• Tetragon (Cilium) — https://tetragon.io/
• Tracee (Aqua) — https://github.com/aquasecurity/tracee
• Kubescape (CNCF) — https://kubescape.io/
• kube-bench — https://github.com/aquasecurity/kube-bench
• kube-score — https://kube-score.com/
• Polaris (Fairwinds) — https://www.fairwinds.com/polaris
• Checkov (Bridgecrew) — https://www.checkov.io/
• OPA Gatekeeper — https://open-policy-agent.github.io/gatekeeper/
• Kyverno — https://kyverno.io/
• Sigstore / Cosign — https://www.sigstore.dev/
• SLSA Framework — https://slsa.dev/
• in-toto — https://in-toto.io/
• CycloneDX (OWASP) — https://cyclonedx.org/
• SPDX (Linux Foundation) — https://spdx.dev/
• Chainguard Images — https://www.chainguard.dev/chainguard-images
• Distroless (Google) — https://github.com/GoogleContainerTools/distroless
• Wolfi OS — https://wolfi.dev/
• NSA/CISA Kubernetes Hardening Guidance — https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3071740/
• CIS Kubernetes Benchmark — https://www.cisecurity.org/benchmark/kubernetes
• NIST SP 800-218 SSDF — https://csrc.nist.gov/projects/ssdf
• EU Cyber Resilience Act — https://digital-strategy.ec.europa.eu/en/policies/cyber-resilience-act