mirror of
https://github.com/veggiemonk/awesome-docker.git
synced 2024-12-21 13:45:07 -05:00
Add Syft SBOM tool to the Awesome Docker Security section 🎉 (#1134)
* Add Syft to the security section
The world's favorite SBOM tool :D
* Fix my markdown blunder
Ahem.
* ABCDEFGHIJKLMNOPQR S TUVWXYZ
You'd have thought I'd have learned the alphabet by now.
I don't know *what* I was thinking, putting it waaaay up there.
Sorry about that.
* Update Syft & Anchore
Ok, I didn't realise the Anchore link at the top is actually to a product which is no longer available. So, I did the following to reduce mess:
1) Fixed the Anchore Enterprise product name, and added the 💲 because it's a paid product.
2) Removed reference to Anchore from Syft, as it's an open source project with multiple contributors outside Anchore.
I hope that's okay :D
This commit is contained in:
parent
a64c12fd11
commit
cf36e94b71
@ -307,7 +307,7 @@ _Source:_ [What is Docker](https://www.docker.com/why-docker/)
|
||||
### Security
|
||||
|
||||
- [Anchor](https://github.com/SongStitch/anchor/) - A tool to ensure reproducible builds by pinning dependencies inside your Dockerfiles [@SongStitch](https://github.com/songStitch/)
|
||||
- [Anchor Engine](https://github.com/anchore/anchore) - Analyze images for CVE vulnerabilities and against custom security policies by [@Anchor](https://github.com/anchore)
|
||||
- [Anchor Enterprise](https://anchore.com/) :heavy_dollar_sign: - Analyze images for CVE vulnerabilities and against custom security policies by [@Anchor](https://github.com/anchore)
|
||||
- [Aqua Security](https://www.aquasec.com) :heavy_dollar_sign: - Securing container-based applications from Dev to Production on any platform
|
||||
- [bane](https://github.com/genuinetools/bane) - AppArmor profile generator for Docker containers by [@genuinetools][genuinetools]
|
||||
- [CetusGuard](https://github.com/hectorm/cetusguard) - CetusGuard is a tool that protects the Docker daemon socket by filtering calls to its API endpoints
|
||||
@ -325,6 +325,7 @@ _Source:_ [What is Docker](https://www.docker.com/why-docker/)
|
||||
- [notary](https://github.com/theupdateframework/notary) - a server and a client for running and interacting with trusted collections. By [@TUF](https://github.com/theupdateframework)
|
||||
- [oscap-docker](https://github.com/OpenSCAP/openscap) - OpenSCAP provides oscap-docker tool which is used to scan Docker containers and images. By [OpenSCAP](https://github.com/OpenSCAP)
|
||||
- [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud) :heavy_dollar_sign: - (previously Twistlock Security Suite) detects vulnerabilities, hardens container images, and enforces security policies across the lifecycle of applications.
|
||||
- [Syft](https://github.com/anchore/syft) - CLI tool and library for generating a Software Bill of Materials (SBOM) from container images and filesystems.
|
||||
- [Sysdig Falco](https://github.com/falcosecurity/falco) - Sysdig Falco is an open source container security monitor. It can monitor application, container, host, and network activity and alert on unauthorized activity.
|
||||
- [Sysdig Secure](https://sysdig.com/solutions/cloud-threat-detection-and-response/) :heavy_dollar_sign: - Sysdig Secure addresses run-time security through behavioral monitoring and defense, and provides deep forensics based on open source Sysdig for incident response.
|
||||
- [Trend Micro DeepSecurity](https://www.trendmicro.com/en_us/business/products/hybrid-cloud/deep-security.html) :heavy_dollar_sign: - Trend Micro DeepSecurity offers runtime protection for container workloads and hosts as well as preruntime scanning of images to identify vulnerabilities, malware and content such as hardcoded secrets.
|
||||
|
Loading…
Reference in New Issue
Block a user