Closed ThomasCardin closed 6 months ago
"Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources."
https://github.com/kubescape/kubescape
I see we're creating issues for every security tool available. Should this not start with a top-level security epic with a list of desired features independent of implementation?
After discussing with @SonOfLope , we realized that Trivy can also scan the cluster using the command (trivy k8s ...). We have therefore decided to go with Trivy only in order to limit the number of tools we use. Additionally, Aqua Security, the company behind Trivy, is very popular and well-known. Moving this issue to https://github.com/ai-cfia/howard/issues/145
See comments