Search Results for "scanning"

Harbor is an open-source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open-source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build-and-run environment can improve the image transfer efficiency. Harbor supports replication of images between registries, and also offers advanced security features such as user management, access control...

KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply chain security. Effective vulnerability scanning requires an accurate Software Bill Of Materials (SBOM) detection. KubeClarity includes a CLI that can be run locally and especially useful for CI/CD pipelines. It allows to analyze images and directories to generate SBOM, and scan it for vulnerabilities. The results can be exported to KubeClarity backend.

The Trivy Operator leverages Trivy to continuously scan your Kubernetes cluster for security issues. The scans are summarised in security reports as Kubernetes Custom Resource Definitions, which become accessible through the Kubernetes API. The Operator does this by watching Kubernetes for state changes and automatically triggering security scans in response. For example, a vulnerability scan is initiated when a new Pod is created. This way, users can find and view the risks that relate to...

LoggiFly is a lightweight, open-source monitoring tool designed to watch Docker container logs in real time and trigger alerts, notifications, or automated actions based on predefined keywords or regular expression patterns. Instead of manually scanning logs for issues or relying solely on centralized monitoring stacks, LoggiFly proactively inspects streams of container output and notifies users through services like Ntfy, Slack, Discord, Telegram, or webhooks when significant events occur. It supports plain text, regex, and multi-line pattern matching, and its flexible alert templating lets operators tailor messages for clarity and context, including attaching relevant log excerpts. ...