Awesome-Mirrors/awesome-docker
1
0
Fork 0
mirror of https://github.com/veggiemonk/awesome-docker.git synced 2024-10-01 01:36:03 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add Syft SBOM tool to the Awesome Docker Security section 🎉 (#1134)

Browse Source 
* Add Syft to the security section

The world's favorite SBOM tool :D

* Fix my markdown blunder

Ahem.

* ABCDEFGHIJKLMNOPQR S TUVWXYZ

You'd have thought I'd have learned the alphabet by now. 

I don't know *what* I was thinking, putting it waaaay up there. 

Sorry about that.

* Update Syft & Anchore

Ok, I didn't realise the Anchore link at the top is actually to a product which is no longer available. So, I did the following to reduce mess:

1) Fixed the Anchore Enterprise product name, and added the 💲 because it's a paid product.

2) Removed reference to Anchore from Syft, as it's an open source project with multiple contributors outside Anchore.

I hope that's okay :D
This commit is contained in:
Alan Pope 2024-07-12 23:10:49 +01:00 committed by GitHub
parent a64c12fd11
commit cf36e94b71
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -307,7 +307,7 @@ _Source:_ [What is Docker](https://www.docker.com/why-docker/)
### Security
- [Anchor](https://github.com/SongStitch/anchor/) - A tool to ensure reproducible builds by pinning dependencies inside your Dockerfiles [@SongStitch](https://github.com/songStitch/)
- [Anchor Engine](https://github.com/anchore/anchore) - Analyze images for CVE vulnerabilities and against custom security policies by [@Anchor](https://github.com/anchore)
- [Anchor Enterprise](https://anchore.com/) :heavy_dollar_sign: - Analyze images for CVE vulnerabilities and against custom security policies by [@Anchor](https://github.com/anchore)
- [Aqua Security](https://www.aquasec.com) :heavy_dollar_sign: - Securing container-based applications from Dev to Production on any platform
- [bane](https://github.com/genuinetools/bane) - AppArmor profile generator for Docker containers by [@genuinetools][genuinetools]
- [CetusGuard](https://github.com/hectorm/cetusguard) - CetusGuard is a tool that protects the Docker daemon socket by filtering calls to its API endpoints
@ -325,6 +325,7 @@ _Source:_ [What is Docker](https://www.docker.com/why-docker/)
- [notary](https://github.com/theupdateframework/notary) - a server and a client for running and interacting with trusted collections. By [@TUF](https://github.com/theupdateframework)
- [oscap-docker](https://github.com/OpenSCAP/openscap) - OpenSCAP provides oscap-docker tool which is used to scan Docker containers and images. By [OpenSCAP](https://github.com/OpenSCAP)
- [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud) :heavy_dollar_sign: - (previously Twistlock Security Suite) detects vulnerabilities, hardens container images, and enforces security policies across the lifecycle of applications.
- [Syft](https://github.com/anchore/syft) - CLI tool and library for generating a Software Bill of Materials (SBOM) from container images and filesystems.
- [Sysdig Falco](https://github.com/falcosecurity/falco) - Sysdig Falco is an open source container security monitor. It can monitor application, container, host, and network activity and alert on unauthorized activity.
- [Sysdig Secure](https://sysdig.com/solutions/cloud-threat-detection-and-response/) :heavy_dollar_sign: - Sysdig Secure addresses run-time security through behavioral monitoring and defense, and provides deep forensics based on open source Sysdig for incident response.
- [Trend Micro DeepSecurity](https://www.trendmicro.com/en_us/business/products/hybrid-cloud/deep-security.html) :heavy_dollar_sign: - Trend Micro DeepSecurity offers runtime protection for container workloads and hosts as well as preruntime scanning of images to identify vulnerabilities, malware and content such as hardcoded secrets.