Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets
- Use trivy or grype with software installed without a package manager (via tar), e.g. eclipse-temurin in the alpine version. The java executable gets unpacked into /opt but is not recognized.
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
⚖️ Kafka image : wurstmeister vs. bitnami
7 projects | dev.to | 29 Jun 2022
Q1 Safety & Security Report
2 projects | reddit.com/r/redditsecurity | 29 Jun 2022
📢 Grype v0.40.1 released and php support
1 project | dev.to | 24 Jun 2022
Checklist for Kubernetes-Based Development
11 projects | dev.to | 16 Jun 2022
Show HN: Releasing Vulnerabilities of Open Source Software
2 projects | news.ycombinator.com | 21 May 2022