-
## Problem/Concern
As discussed in #742, we will be disabling Docker vulnerability scanning until such time that we can establish the scanning with white listing supported. This issue is to do t…
-
[copa](https://github.com/project-copacetic/copacetic) is a CLI tool written in Go and based on buildkit that can be used to directly patch container images given the vulnerability scanning results fr…
-
Objective: Optimize the vulnerability scanning activity taking place within the Kubernetes cluster.
Problem Statement: In Kubernetes cluster deployments with high-volume actions (create, modify, de…
-
**Description**
I have found that my Salt Master servers running 3007.0 become unresponsive on a weekly basis after our internal vulnerability scans run (Tenable Vulnerability Management). This is ve…
-
#### What happened:
CVE in `registry.k8s.io/build-image/distroless-iptables:v0.6.2` image
```bash
➜ trivy image --exit-code 1 --ignore-unfixed --severity MEDIUM,HIGH,CRITICAL registry.k8s.io/…
```
-
### Discussed in https://github.com/aquasecurity/trivy/discussions/7334
Originally posted by **scott-boost** August 13, 2024
### Description
When scanning a CycloneDX SBOM with 2 component…
-
To provide better security guarantees and to be able to meet the industry standards on containerized application security, we have to implement continuous Docker image vulnerability scanning.
## Mot…
-
There is a bunch of vulnerabilities in many of the node modules in `browser/flagr-ui/package-lock.json`
## Expected Behavior
Dependabot vulnerability scanning is turned on, making it easier to man…
-
- [ ] Use SAS-Github actions to run Trivy on Docker images created in build
- [ ] Add NPM audit to PR checks to catch issues early
- [ ] Delete Snyk webhook once above actions complete
-
# Summary
Google can [scan Docker images](https://console.cloud.google.com/artifacts/settings) pushed to our artifact registry for vulnerabilities. This might give us early warning about security i…