action #108233
closedcoordination #87853: [epic][brainstorming]
container scanning services
0%
Description
Try out container scanning services like trivy [1] and clair to be notified about vulnerabilities inside of their containers.
Investigate how those tools work and come up with a suggestion if it makes sense to include that in our tests.
NouVector [3] also offers interesting things we could use.
[1] https://github.com/aquasecurity/trivy
[2] https://github.com/quay/clair
[3] https://neuvector.com/
Updated by jlausuch over 1 year ago
- Related to action #87805: Investigate security test cases for automation added
Updated by pdostal over 1 year ago
Ad NeuVecotr, I found this: https://open-docs.neuvector.com/scanning/scanners#standalone-scanner-for-local-scanning
Updated by rbranco over 1 year ago
pdostal wrote:
Ad NeuVecotr, I found this: https://open-docs.neuvector.com/scanning/scanners#standalone-scanner-for-local-scanning
NeuVector is also a SUSE product now.
Updated by pdostal over 1 year ago
Updated by rbranco over 1 year ago
- Status changed from Workable to In Progress
- Assignee set to rbranco
Updated by rbranco over 1 year ago
I asked in #team-buildops about the issue of scanning containers and their approach is to release a new image when a new package is released, and that they tried NeuVector in IBS/OBS and failed. I also asked in #discuss-neuvector and they have their own team to test the product.
https://suse.slack.com/archives/C02BX1X92HM/p1676280368655279