-
### Is there an existing issue for this?
- [X] I have searched the existing issues
### Current Behavior
anytime i use nuclei with or without a config file I get this error, even when scanning one s…
-
When running the `Veracode IaC/Secrets Scanning` workflow and the vulnerability database is not accessible, we get a strange results.json not found error:
```
Run veracode/container_iac_secrets_sc…
-
#### What happened:
CVE in `registry.k8s.io/build-image/distroless-iptables:v0.6.2` image
```bash
➜ trivy image --exit-code 1 --ignore-unfixed --severity MEDIUM,HIGH,CRITICAL registry.k8s.io/…
-
Hi Im new here and new to Pen testing, I am trying to exploit a ProFTPD Backdoor Unauthorised Access Vulnerability , I get as far as the exploit on metasploit and get presented with : Exploit aborted …
-
**Project Details:**
We currently perform only code quality check on Coverage using sonarcloud.
Code security is an important aspect using which we will be able to identify security issues an…
-
There seems to be an issue with the latest release `v0.26.0` while scanning with trivy-action.
### Expected Output:
> A successful scan
### Actual Output:
> scan error: scan failed: failed an…
-
**Background**: Today we have scanning implemented using [`snyk`](https://github.com/kubernetes/sig-security/blob/main/sig-security-tooling/vulnerability-mgmt/build-time-dependencies.md). It has worke…
-
ZAP should probably be removed from the guidelines: https://owasp.org/www-project-devsecops-guideline/latest/02b-Dynamic-Application-Security-Testing
https://github.com/OWASP/www-project-developer-…
-
**What happened**:
Currently, security scanning jobs fail a PR if any of the project’s dependencies are identified as containing a known vulnerability. This prevents us merging PRs when a vulnerabi…
skitt updated
3 weeks ago
-
https://tetragon.io/
Evaluate:
- Community adoption
- Chainguard/Ironbank support
- Feature parity with NeuVector
- Out of the box experience and alignment with deployment methodology (helm, co…