[Podman] suggestions for container security vulnerability scanners?

not really a podman-related question, but a colleague asked about the options for open source container security scanners. i know about commercial offerings like black duck; what are the choices of the denizens of this list? thank you kindly. rday -- ======================================================================== Robert P. J. Day Ottawa, Ontario, CANADA http://crashcourse.ca Twitter: http://twitter.com/rpjday LinkedIn: http://ca.linkedin.com/in/rpjday ========================================================================