Open bedroge opened 2 years ago
During his talk at the CVMFS workshop (see https://indico.cern.ch/event/1079490/contributions/4949461/attachments/2507114/4308224/CVMFS%20Workshop%20-%20Harbor%20Registry.pdf), Ricardo Rocha from CERN mentioned a few vulnerability scanning tools (for containers) they use:

- https://github.com/aquasecurity/trivy
- https://github.com/quay/clair
- https://sysdig.com/products/secure/image-scanning/

Especially the first one looks very interesting and should work on regular filesystems too, so we may want to try it out on our repository.