DEV Community

Shannon McFarland for Outshift By Cisco

Posted on • Updated on

VMClarity: Virtual Machine Security

VMClarity Logo

Project VMClarity

Do you have virtual machines in your environment? Do you care about their security? Are you looking for a new open-source project to contribute to? Well then, today is your lucky day!

Introducing VMClarity!


VMClarity is an open source tool for agentless detection and management of Virtual Machine (VM) Software Bill Of Materials (SBOM) and security threats such as vulnerabilities, exploits, malware, rootkits, misconfigurations, and leaked secrets.

VMClarity uses pluggable scanning infrastructure to provide the following:

  • Software Bill of Materials analysis
  • Package & OS vulnerability detection
  • Exploit detection
  • Leaked secret detection
  • Malware detection
  • Misconfiguration detection
  • Rootkit detection

Check out this quick video walk-through of what VMClarity is about:

Getting Started

Now that you have a basic understanding of what the VMClarity project is about let's check out how you can quickly get started with it:

Follow along with the video and get started today by visiting the project repo:

Stay tuned for more information on VMClarity. We will have demos, feature walk-throughs, and detailed architecture posts in the future.

Learn More & Join the Community!

You can also learn more about the other Clarity projects, such as APIClarity (API security) and KubeClarity (K8s SBOM/Supply chain security) here:

And several blogs about both projects are here:

Shannon McFarland is a Distinguished Engineer and open source advocate in Cisco’s Emerging Technology & Incubation organization. You can follow him on Twitter @eyepv6.

Top comments (1)

s8chugh profile image
Sarabjeet Chugh

Great post! Thanks Shannon!