From ddfb7d9d9ebe6c4f7f52a0fe967ba997eb768393 Mon Sep 17 00:00:00 2001 From: aubrel Date: Sun, 30 Dec 2018 13:17:25 -0500 Subject: [PATCH] Added Clair, Gauntlt, and SonarQube. --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 59515c0..c3f2363 100644 --- a/README.md +++ b/README.md @@ -41,10 +41,13 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea See also [awesome-devsecops](https://github.com/devsecops/awesome-devsecops). - [BlackBox](https://github.com/StackExchange/blackbox) - Safely store secrets in Git/Mercurial/Subversion by encrypting them "at rest" using GnuPG. +- [Clair](https://github.com/coreos/clair) - Statically analyze vulnerabilities in application containers (currently including appc and docker). +- [Gauntlt](https://github.com/gauntlt/gauntlt) - Automate basic pentesting against your applications. - [Git Secrets](https://github.com/awslabs/git-secrets) - Prevents you from committing passwords and other sensitive information to a git repository. - [Prowler](https://github.com/toniblyx/prowler) - Tool based on AWS-CLI commands for Amazon Web Services account security assessment and hardening. - [Vault](https://www.vaultproject.io/) - Tool for securely accessing secrets such as API keys, passwords, or certificates through a unified interface. - [git-crypt](https://www.agwa.name/projects/git-crypt/) - Transparent file encryption in git; files which you choose to protect are encrypted when committed, and decrypted when checked out. + - [SonarQube](https://github.com/SonarSource/sonarqube) - For "continuous inspection." Works like Continuous Integration, but specifically for vulnerabilities. Sniffs out bugs, security holes, and detects new issues. ## Honeypots
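Review bot: The SonarQube line, the last addition in this hunk, starts with a space before the dash (` - [SonarQube]`) while every other entry in the list starts at column zero, and it is placed after git-crypt instead of between Prowler and Vault, where the ordering of the surrounding entries would put it. Remove the leading space and move the line up so that the list stays flat and sorted. The description could also be cut to a single sentence like its neighbours: "Works like Continuous Integration, but specifically for vulnerabilities" does not say what the tool inspects, and "Sniffs out bugs, security holes, and detects new issues" is not parallel.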