-
Enable container image scanning in your CI/CD phase to catch known vulnerabilities using tools like clair or Anchore.
-
InfluxDB
InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
-
Enable container image scanning in your CI/CD phase to catch known vulnerabilities using tools like clair or Anchore.
-
Like any other software, Kubernetes also has bugs and issues. And from time to time, there might be a high severity bug that calls for a CVE. Hence, it's an excellent idea to keep the Kubernetes version up to date on the server and the CLI client. You can check the Kubernetes security and disclosure information website to see if there are known security vulnerabilities for your Kubernetes version. If you are using a managed PaaS, it should be pretty easy to upgrade, and for on-prem installations, there are tools like kOps, kubeadm, and so on, that makes it easy to upgrade clusters.
-
docker-bench-security
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
Use Docker Bench for Security to audit your container images
Related posts
-
Homelab vulnerability/virus scanner
-
Sublime Music - A FLOSS desktop client for Subsonic API servers (Airsonic, Navidrome, Gonic, etc)
-
Clair – Vulnerability Static Analysis for Containers
-
Clair – Vulnerability Static Analysis for Containers
-
How to leverage image vulnerability scanning on AWS ECR using a fully automated solution