Merge pull request #84 from ogarrett/master

Add ThreatMapper/SecretScanner open source scanning tools
This commit is contained in:
Omar Santos 2022-04-01 07:36:08 -04:00 committed by GitHub
commit eaac26d15e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 3 deletions

View File

@ -1,4 +1,4 @@
# Additinal Docker Security Tools and Resources
# Additional Docker Security Tools and Resources
- [Anchor Engine](https://github.com/anchore/anchore) - Analyze images for CVE vulnerabilities and against custom security policies by [@Anchor](https://github.com/anchore)
- [Aqua Security](https://www.aquasec.com) :heavy_dollar_sign: - Securing container-based applications from Dev to Production on any platform
@ -6,8 +6,9 @@
- [CIS Docker Benchmark](https://github.com/dev-sec/cis-docker-benchmark) - This [InSpec][inspec] compliance profile implement the CIS Docker 1.12.0 Benchmark in an automated way to provide security best-practice tests around Docker daemon and containers in a production environment. By [@dev-sec](https://github.com/dev-sec)
- [Clair](https://github.com/quay/clair) - Clair is an open source project for the static analysis of vulnerabilities in appc and docker containers. By [@coreos][coreos]
- [Dagda](https://github.com/eliasgranderubio/dagda) - Dagda is a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities. By [@eliasgranderubio](https://github.com/eliasgranderubio)
- [Deepfence Enterprise](https://deepfence.io) :heavy_dollar_sign: - Full life cycle Cloud Native Workload Protection platform for kubernetes, virtual machines and serverless. By [@deepfence](deepfence)
- [Deepfence Threat Mapper](https://github.com/deepfence/ThreatMapper) - Powerful runtime vulnerability scanner for kubernetes, virtual machines and serverless.
- [Deepfence SecretScanner](https://github.com/deepfence/SecretScanner) - Find unprotected secrets - tokens, keys, passwords - in containers and host filesystems.
- [Deepfence ThreatMapper](https://github.com/deepfence/ThreatMapper) - Powerful open source runtime vulnerability scanner for kubernetes, virtual machines and serverless.
- [Deepfence ThreatStryker](https://deepfence.io/threatstryker/) :heavy_dollar_sign: - Full life cycle Cloud Native Workload Protection platform for kubernetes, virtual machines and serverless. By [@deepfence](deepfence)
- [docker-bench-security](https://github.com/docker/docker-bench-security) - script that checks for dozens of common best-practices around deploying Docker containers in production.
- [docker-explorer](https://github.com/google/docker-explorer) - A tool to help forensicate offline docker acquisitions by Google
- [docker-lock](https://github.com/safe-waters/docker-lock) - A cli-plugin for docker to automatically manage image digests by tracking them in a separate Lockfile. By [@safe-waters][safe-waters]

View File

@ -115,6 +115,8 @@
- [KubiScan](https://github.com/cyberark/KubiScan)
- [Kubernetes Audit by Trail of Bits](https://github.com/trailofbits/audit-kubernetes)
- [kubeaudit](https://github.com/Shopify/kubeaudit)
- [SecretScanner](https://github.com/deepfence/SecretScanner)
- [ThreatMapper](https://github.com/deepfence/ThreatMapper)
- [falco](https://github.com/falcosecurity/falco)
- [kubesec](https://github.com/controlplaneio/kubesec)
- [kube-bench](https://github.com/aquasecurity/kube-bench)