dpc-sdp / bay-roadmap

Public roadmap for Bay container platform - part of Single Digital Presence
GNU General Public License v3.0

Automated CVE scanning of deployed applications #7

Open nicksantamaria opened 1 year ago

nicksantamaria commented 1 year ago

Leverage the bill of materials that Lagoon generates.

Run in AWX?

Surface results in a report.

nicksantamaria commented 6 months ago

@GROwen has suggested we could do a Trivy scan of the SBOM generated by Lagoon, and then push the resulting SARIF file to the GitHub security tool. This would give us some consistency in terms of tooling used for monitoring vulnerabilities.
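The pipeline described in that comment, as an added example and not something from the bay-roadmap project: a scheduled GitHub Actions workflow that scans a Lagoon-generated SBOM with Trivy and uploads the SARIF output to GitHub code scanning. The SBOM path, the step that fetches it from Lagoon, and the workflow name are assumptions; `security-events: write` is required for the upload to succeed.

```yaml
# Assumed workflow file: .github/workflows/sbom-cve-scan.yml (example, not project code)
name: SBOM CVE scan

on:
  schedule:
    - cron: "0 2 * * *"   # daily, so deployed apps are rescanned as new CVEs are published
  workflow_dispatch:

permissions:
  contents: read
  security-events: write  # needed by upload-sarif to write to the Security tab

jobs:
  trivy-sbom:
    runs-on: ubuntu-latest
    steps:
      - name: Fetch SBOM generated by Lagoon
        # Assumption: the CycloneDX SBOM is exported to ./sbom.cdx.json by a prior step.
        # Replace this placeholder with the retrieval mechanism used for your Lagoon environment.
        run: echo "TODO: copy the Lagoon-generated SBOM to ./sbom.cdx.json"

      - name: Install Trivy
        run: |
          curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh \
            | sh -s -- -b /usr/local/bin

      - name: Scan SBOM and write SARIF
        # --exit-code 0 keeps the job green so the report is always uploaded;
        # raise it to 1 if you want findings to fail the run.
        run: |
          trivy sbom ./sbom.cdx.json \
            --severity HIGH,CRITICAL \
            --format sarif \
            --output trivy-sbom.sarif \
            --exit-code 0

      - name: Upload SARIF to GitHub code scanning
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: trivy-sbom.sarif
          category: trivy-sbom
```

Because the scan reads the SBOM rather than the running container, it only reports packages the SBOM lists, so the quality of the Lagoon-generated inventory bounds the quality of the results.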