Agentless vulnerability scanning and Software Bill of Materials (SBOM) generation for Virtual Machines across multi-cloud environments.
Stars: 104
Forks: 21
VMClarity is an open-source implementation of the 'agentless scanning' pattern pioneered by commercial vendors like Wiz and Orca Security. Its primary moat is the orchestration logic required to snapshot cloud block storage, mount it to a scanning instance, and run analysis tools (like Syft/Grype) without installing software on the target VM.

Despite being backed by Cisco's OpenClarity initiative, the project shows relatively low community traction (104 stars over 3+ years), suggesting it may be used primarily as a component within Cisco's broader security portfolio or by a niche set of users seeking an open alternative to expensive CSPM tools.

The platform-domination risk is high because AWS (Inspector), Azure (Defender for Cloud), and GCP increasingly offer native agentless scanning that is easier to enable. The project's survival depends on its ability to provide a unified, vendor-neutral interface across multi-cloud environments where native tools might create silos. It is a solid, production-grade utility, but it lacks the network effects or the deep proprietary technical 'moat' needed to move beyond a 5 on the defensibility scale.
TECH STACK
INTEGRATION: cli_tool
READINESS