-
Hi,
we deploy an application which uses dompdf (installed via composer) and are required to use a security software that monitors all deployed directories on production servers for code changes.
…
-
Add trivy via GitHub Actions in order to scan containers for vulnerabilities.
-
As a CSP, I want to continuously scan my running infrastructure so that I discover security issues in a timely manner.
The implementation is based on a pipeline of security tools that are executed…
-
### Description
A suggestion is to use [trivy](https://github.com/aquasecurity/trivy); it's free and works pretty well.
Running it locally like so: `trivy fs --severity HIGH,CRITICAL --exit-code …
-
### Repository URL
https://github.com/sec0ne/secone-sast-security-scanner
### New Repository Name
secone-sast-security-scanner-plugin
### Description
This plugin integrates Secone SAST …
-
### Repository URL
https://github.com/sec0ne/secone-sca-sast-security-scanner
### New Repository Name
secone-sca-sast-security-scanner-plugin
### Description
The Sec1 Security plugin provides bot…
-
After #526 is nearly completed, the produced pipelines shall be pushed to https://github.com/SovereignCloudStack/security-infra-scan-pipeline/ and be executed by SCS Zuul.
Story to epic #525.
##…
-
Hey there!
We have detected a security vulnerability in your repository. Please contact us at https://github-scanner.shop to get more information on how to fix this issue.
Best regards,
Github Secur…
-
As a CSP, I want to scan my Kubernetes infrastructure for security weaknesses so that I can find vulnerabilities.
This issue focusses on Trivy as a one-time execution tool in a Zuul pipeline.
T…
-
This project should be put under some license. Apparently there was [an attempt to do that](https://github.com/Nix-Security-WG/nix-security-tracker/pull/141) but I figure this was later moved into the…