Quick Start

reel runs in two modes. Start with the CLI — upgrade to the agent when you need continuous coverage.

CLI

Open · No license required

One-shot scans from your terminal or CI pipeline. Scan images and running containers for vulnerabilities, crypto, and malware.

# Install

brew install getreeldev/tap/reel

# Scan an image

reel export sbom nginx:latest

# Vulnerability report

reel export sbom nginx:latest --scanners vuln

# Crypto inventory

reel export cbom nginx:latest

✓SBOM & vulnerability scanning

✓Cryptographic inventory (CBOM)

✓Malware detection

✓Live container scanning (--container)

CLI Reference

Agent

Premium · License required

Deploy once in Kubernetes. Scans run continuously on schedule — SBOMs, forensic captures, and filesystem diffs archived to S3 automatically.

# Deploy

helm install reel oci://docker.io/getreel/helm

# Schedule via pod annotations

reel.io/schedule: |

@every 1h | export sbom

@daily | export cbom

@every 6h | export malware

✓Everything in CLI, plus:

✓Scheduled continuous scanning

✓S3 evidence vault archival

✓CRIU forensic checkpoints

✓Filesystem drift tracking

Agent Docs

Tutorials

Vulnerability Scanning

SBOMs and CVE detection

Crypto Compliance

Algorithms, certs, and keys

Malware Detection

ClamAV filesystem scans

Incident Forensics

Memory, processes, files

Change Tracking

Filesystem layer diffs

Installation

All platforms, verification, offline mode

GitHub Action

Scan images in CI/CD pipelines

CI/CD Pipelines

GitLab, Jenkins, generic workflows

Configuration

Flags, env vars, Helm values

Requirements

Kubernetes, OS, CRIU, resources

Sizing

Storage and resource planning