Our great sponsors
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
starboard-exporter
A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).
-
Monokle
🧐 Monokle Desktop empowers you to better create, understand, and deploy YAML manifests with a visual UI that also provides policy validation and cluster insights.
Trivy to scan your Container Image, for example as an Artefact finished building for your application in CI/CD.
Trivy-Operator (previously known as Starboard) to continuously scan all new workloads in your Kubernetes Cluster. It also uses Trivy so you have a close engine stack.
Starboard-Operator (by GiantSwam) exposes the Reports created by Trivy-Operator as Prometheus compatible Metrics. Next you can use Grafana to get an overview of all your currently running workloads and their vulnerabilities data.
Monokle is another viable option for doing this pre-deployment. It has OPA functionality integrated so you set up and configure additional policies to be checked earlier in your workflow. It also helps with other pre-deployment validation issues. The performance was a bit off for a while but seems they've been working on it as of late.