Which tool are you using for security static analysis of manifests?

This page summarizes the projects mentioned and recommended in the original post on /r/kubernetes
security-tools Containers Kubernetes Devsecops Security

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • trivy

    Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

    • Trivy supports manifests now as well. Link to docs

  • awesome-containerized-security

    A collection of tools to improve your containerized apps security posture

    • Making an effort to gather containers security tools here https://github.com/koslib/awesome-containerized-security - got already from this post ideas for missing tools to add in the list

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • Monokle

    🧐 Monokle Desktop empowers you to better create, understand, and deploy YAML manifests with a visual UI that also provides policy validation and cluster insights.

    • Monokle provides a UI for all the OPA/security/schema/link/etc validations that you can find in tools like Trivvy, Kubescape, etc - allowing you to view and fix any errors in your manifests interactively - screenshots are at https://kubeshop.github.io/monokle/resource-validation/ - download from github - https://github.com/kubeshop/monokle

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Securing the software supply chain in the cloud

    9 projects | dev.to | 10 Dec 2022

  • A beginner's question : am I doing things the right way ?

    1 project | /r/docker | 17 Sep 2021

  • Cloud Security and Resilience: DevSecOps Tools and Practices

    10 projects | dev.to | 1 May 2024

  • Introduction to the Kubernetes ecosystem

    7 projects | dev.to | 25 Apr 2024

  • Cisco to Acquire Cloud Native Networking and Security Leader Isovalent

    1 project | news.ycombinator.com | 21 Dec 2023