Introduction

HarborGuard is a container security platform that unifies six open-source scanners into a single vulnerability management and compliance workflow. It scans container images across multiple registries, deduplicates findings with per-engine attribution, and tracks remediation through structured triage, SLA enforcement, and false-positive attestations.

Who is HarborGuard for?

• DevSecOps teams managing container security across multiple registries
• Platform engineers building secure CI/CD pipelines with automated scanning
• Compliance teams generating audit-ready evidence for SOC 2, PCI-DSS, HIPAA, and other frameworks
• Security engineers triaging vulnerabilities and tracking remediation SLAs

Deployment Options

HarborGuard is available as:

• Open Source (AGPL-3.0) — Self-hosted, free, community-supported
• Enterprise Platform — Managed cloud service with compliance features, SSO, and priority support