Skip to content

HarborGuard Documentation

Welcome to the HarborGuard documentation. HarborGuard unifies six open-source security scanners behind a single dashboard, providing vulnerability detection, SBOM generation, CVE monitoring, and compliance evidence generation across your container registries.

Get Started

  • Introduction — What HarborGuard is and who it's for
  • Quickstart — Connect a registry and run your first scan in under 5 minutes
  • Core Concepts — Registries, scans, images, vulnerabilities, SBOMs, and compliance

Key Features

  • Six Integrated Scanners — Trivy, Grype, Syft, Dockle, OSV-Scanner, and Dive running in a unified workflow
  • Multi-Registry Support — Connect to Docker Hub, ECR, GCR, ACR, GHCR, GitLab, Harbor, JFrog, Quay, Nexus, and custom OCI registries
  • CVE Intelligence — Aggregate data from NVD, OSV, GitHub Security Advisories, and CISA KEV
  • Compliance Engine — Generate evidence packs for SOC 2, PCI-DSS, NIST, HIPAA, FedRAMP, ISO 27001, CMMC, and CIS Docker
  • Enterprise Controls — RBAC, SSO/SCIM, notifications, API/CI-CD integration, and cloud sensors

On this page