About MeshReader
MeshReader is an open-source Application Security Posture Management (ASPM) tool built for the way teams actually run software today: on Kubernetes, across many services, assembled from open-source dependencies. We started MeshReader because security tooling is good at producing long lists of vulnerabilities and bad at answering the only question that matters in the moment — what should I fix first?
Our mission
Make application security posture legible. Instead of a spreadsheet of CVEs, MeshReader gives you a living map of your cluster: every service, how it connects, what it depends on, and where real risk concentrates. When risk is visible and explainable, teams make better decisions faster.
How it works
- Discover — services, deployments, and pods are read directly from the Kubernetes API.
- Scan — Syft builds an SBOM for each container image and Grype matches it against CVE data.
- Score — each finding gets a risk score from Impact (the service's data sensitivity × the vulnerability's severity) and Exploitability (how exposed the workload is).
- Visualize — everything renders as a dependency graph, table, and detail panel.
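The scoring step above is what turns a scanner report into a priority list, so here is the idea in working code. This is an added example written for this page, not MeshReader's own collector or scoring code; the Finding struct, the 0..1 sensitivity and exposure scales, the severity weights, and the choice to combine Impact and Exploitability by multiplication are all assumptions made here to illustrate the description, and the CVE ids in the sample data are placeholders, not real advisories.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Finding is one scanner match (a Grype-style CVE hit) already attributed to
// the Kubernetes service whose image it came from. The struct and its
// 0..1 scales are this example's assumptions, not MeshReader's protobuf model.
type Finding struct {
	Service     string
	CVE         string
	Package     string
	Severity    string  // Grype-style label: Critical, High, Medium, Low, Negligible
	Sensitivity float64 // how sensitive the data the service handles is (assumed input)
	Exposure    float64 // 1.0 = reachable from outside the cluster, 0.2 = internal only (assumed)
}

// severityWeight maps scanner labels onto a numeric scale (assumed values).
var severityWeight = map[string]float64{
	"Critical": 1.0, "High": 0.75, "Medium": 0.5, "Low": 0.25, "Negligible": 0.05,
}

// Impact follows the page's definition: sensitivity × severity.
func Impact(f Finding) float64 { return f.Sensitivity * severityWeight[f.Severity] }

// Exploitability is taken to be the exposure term alone (assumption).
func Exploitability(f Finding) float64 { return f.Exposure }

// Risk multiplies the two; the product is this example's choice of combination.
func Risk(f Finding) float64 { return Impact(f) * Exploitability(f) }

// Explain renders the score as the factors that produced it, so a reviewer can
// see why a finding ranks where it does instead of trusting an opaque number.
func Explain(f Finding) string {
	return fmt.Sprintf("%-16s %-16s risk %.2f = (sensitivity %.2f × %s %.2f) × exposure %.2f",
		f.Service, f.CVE, Risk(f), f.Sensitivity, f.Severity, severityWeight[f.Severity], f.Exposure)
}

// Prioritize returns the findings ordered by descending risk, ties broken by CVE id.
func Prioritize(findings []Finding) []Finding {
	out := append([]Finding(nil), findings...)
	sort.SliceStable(out, func(i, j int) bool {
		ri, rj := Risk(out[i]), Risk(out[j])
		if ri != rj {
			return ri > rj
		}
		return out[i].CVE < out[j].CVE
	})
	return out
}

// BySeverity is the ordering a plain scanner report gives you, for comparison.
func BySeverity(findings []Finding) []Finding {
	out := append([]Finding(nil), findings...)
	sort.SliceStable(out, func(i, j int) bool {
		wi, wj := severityWeight[out[i].Severity], severityWeight[out[j].Severity]
		if wi != wj {
			return wi > wj
		}
		return out[i].CVE < out[j].CVE
	})
	return out
}

// SampleFindings is constructed input; the CVE ids are placeholders, not real advisories.
func SampleFindings() []Finding {
	return []Finding{
		{"checkout", "CVE-EXAMPLE-0001", "libssl", "High", 0.9, 1.0},
		{"api-gateway", "CVE-EXAMPLE-0002", "nginx", "Medium", 0.6, 1.0},
		{"batch-reporter", "CVE-EXAMPLE-0003", "report-lib", "Critical", 0.3, 0.2},
		{"internal-metrics", "CVE-EXAMPLE-0004", "busybox", "Critical", 0.1, 0.2},
	}
}

func main() {
	fmt.Println("Scanner order (severity only):")
	for _, f := range BySeverity(SampleFindings()) {
		fmt.Println("  " + Explain(f))
	}
	fmt.Println(strings.Repeat("-", 72))
	fmt.Println("Posture order (impact × exploitability):")
	for _, f := range Prioritize(SampleFindings()) {
		fmt.Println("  " + Explain(f))
	}
}
```

Run it and the two lists disagree in exactly the way the page argues they should: a severity-only sort puts the two Critical findings on internal, low-sensitivity services at the top, while the posture ordering ranks the High on the internet-facing, payment-handling checkout service first and the Critical on an internal metrics sidecar last. Whatever weights a team adopts, keeping an Explain-style breakdown alongside the number is what makes the result defensible in a triage meeting.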
Open by design
MeshReader is built on a clean, scanner-agnostic protobuf object model that you own. The collector, the ingestion backend, and the frontend are all open source, so you can extend the data model, add scanners, or re-weight risk to match your own policy. Nothing about your posture is locked away in a proprietary format. Explore the code on GitHub.
Who it's for
Platform and DevSecOps teams who run workloads on Kubernetes and want a shared, honest picture of their software supply chain risk — without sending sensitive cluster data to a third party.
Questions or ideas? Get in touch.