|5 months ago||18 days ago|
|Apache License 2.0||MIT License|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Continuous Container Vulnerability Testing With Trivy
5 projects | dev.to | 4 Nov 2021
Let me close up this post by mentioning that Trivy can be extended with plugins and custom policies. For example, Aqua provides the kubectl plugin to better integrate Trivy with Kubectl. The plugin lets us scan images running in a Kubernetes pod or deployment:
What are some alternatives?
appshield - Security configuration checks for popular cloud native applications and infrastructure.
kube-score - Kubernetes object analysis with recommendations for improved reliability and security
kubernetes-extension-fortosi - 'Fortosi' Kubernetes extension is meant to address a fundamental requirement of any project team running their applications on Kubernetes - which is to quickly provision CI/CD pipelines (on demand) for their various private/public GitHub projects/organisation using simple kubectl commands. Basically, implementing the concept of No Ops. It is agnostic of cloud platform, be it AWS (EKS) or Azure (AKS), and agnostic of application technology framework.
trivy - Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets
kubeconform - A FAST Kubernetes manifests validator, with support for Custom Resources!
container-structure-test - validate the structure of your container images
rubygems - Library packaging and distribution for Ruby.
kubernetes - Production-Grade Container Scheduling and Management