trivy

Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.

ValidKube combines the best open-source tools to help ensure Kubernetes YAML best practices, hygiene & security.

Use Trivy as a plug-in vulnerability scanner in the Harbor registry

A set of curated exercises to help you prepare for the CKS exam

Vilicus is an open source tool that orchestrates security scans of container images(docker/oci) and centralizes all results into a database for further analysis and metrics.

GitHub Issue + Trivy Action

Web application that allows to load a Trivy report in json format and displays the vulnerabilities of a single target in an interactive data table.

GitHub Action to check for vulnerabilities in your container image

Kubernetes Operator based on the open-source container vulnerability scanner Trivy.

A Prometheus Exporter for managing vulnerabilities in kubernetes by using trivy

trivy-db-to is a tool for migrating/converting vulnerability information from Trivy DB to other datasource.

Docker Desktop Extension for Trivy

Advanced Jenkinsfile & Jenkins Shared Library (Groovy)

Repository with code and demos for my talk "Clean Infrastructure as Code"

Examples of gitlab-ci jobs, pytest slack integration, pylint-check jobs, gitlab-artifacts, parametrization-tests, multithread execution for methods, sitemap checking links status. Mirrored from gitlab.

GitHub Action to use Vilicus in your GitHub workflow

✨ Azure DevOps Pipeline - Docker Build, Trivy Scan, Secret Detection, Sonar, Kubernetes Deploy and others Steps

An Azure Pipelines Task for trivy

Katacoda scenarios for Aqua's open source projects

Scan the vulnerability of Docker images stored in ECR

GitLab CI Template to use Vilicus in your GitLab Pipelines

Repository with code and demos for my talk "Clean Infrastructure as Code"

Deployment-ready docker configuration and instructions to use Trivy on your infrastructure and CIs.

Ansible role for Trivy. Available on Ansible Galaxy.

Gitlab CI pipeline for sonar scanner and docker vulnerability scan using trivy.

Repository shows a self-contained example of how to run trivy in your Tekton CI/CD Pipeline.

CSI Red Alert - Scan your Repository and Docker Images on a daily basis. Create & Close the issues in your Gitlab Instance automatically. Notify on Slack with a summary on all new vulnerabilities.

This is one of my projects under Udacity's Cloud Native Application Architecture Nanodegree. In this project, I have applied what I learned about STRIDE to threat model a microservices environment. Then, I defined its security architecture and its attack surfaces. Next, I hardened the application's Docker environment using Docker-bench. I also created an RKE cluster and walked through a testing methodology to harden a Kubernetes cluster. I then hardened and deployed a Flask application after identifying and remediating its vulnerable libraries and code using Grype and Trivy. Afterward, I implemented runtime monitoring using Grafana to visualize runtime security alerts via Sysdig Falco. I ran an unknown payload containing malicious commands into the Kubernetes cluster to simulate a security incident. Then, I remediated the incident, documented, and prepared an incident response report to be submitted to a Chief Technology Officer—describing the incident, its impact, and the remediation steps taken.

Ejemplos de imágenes para evaluación de la herramienta de seguridad en docker trivy