|28 days ago||3 months ago|
|Open Policy Agent||Ruby|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Continuous Container Vulnerability Testing With Trivy
5 projects | dev.to | 4 Nov 2021
Being proactive in this area means using IaC tools such as Terraform, so Trivy can enforce a set of rules that encode good security practices.
A simple security scanner for vulnerabilities and configuration issues in IaC such as Kubernetes, Dockerfile and Terraform
3 projects | reddit.com/r/netsec | 14 Jul 2021
For the IaC scanning there's a couple of rule sources. The Docker and Kubernetes rules come from the AppShield project (https://github.com/aquasecurity/appshield/). The Terraform Scanning is powered by tfsec (https://github.com/aquasecurity/tfsec/)
What are some alternatives?
kube-score - Kubernetes object analysis with recommendations for improved reliability and security
trivy-plugin-kubectl - A Trivy plugin that scans the images of a kubernetes resource
trivy - Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
container-structure-test - validate the structure of your container images
rubygems - Library packaging and distribution for Ruby.
kubernetes-extension-fortosi - 'Fortosi' Kubernetes extension is meant to address a fundamental requirement of any project team running their applications on Kubernetes - which is to quickly provision CI/CD pipelines (on demand) for their various private/public GitHub projects/organisation using simple kubectl commands. Basically, implementing the concept of No Ops. It is agnostic of cloud platform, be it AWS (EKS) or Azure (AKS), and agnostic of application technology framework.
kubeconform - A FAST Kubernetes manifests validator, with support for Custom Resources!
tfsec - Security scanner for your Terraform code