-
A framework for securing software update systems
Release signing—or attestation—was a hot topic at KubeCon among vendors, with many offering their own solutions. One in particular that stood out was CNCF’s recently graduated The Update Framework (TUF).
#Security & Privacy #Monitoring Tools #File Management 4 social mentions
-
Cisco Cloud Application Security
If you would rather not install each of the components yourself, then they’re commercially available as part of Cisco Panoptica.
#DevSecOps #Security #Web Application Security 1 social mention
-
Kubernetes security made for developers
Pricing:
- Open Source
Kubescape is a comprehensive Kubernetes security platform and CNCF sandbox project. It can scan clusters, Helm charts, and YAML manifests to detect misconfigurations. It supports various frameworks, including NSA-CISA, MITRE ATT&CK®, and the CIS Benchmark.
#Developer Tools #Cloud Computing #SaaS 9 social mentions
-
Runtime Security
Pricing:
- Open Source
Falco is a well-known open source security solution originally created by Sysdig. It’s a CNCF incubating project and one of the few (as far as I can tell) options on this list that uses eBPF to scan for vulnerabilities.
#Monitoring Tools #Cyber Security #Security 12 social mentions
-
OWASP Dependency-Track is an intelligent Software Composition Analysis (SCA) platform that allows...
Pricing:
- Open Source
#Security #Code Analysis #Security & Privacy 19 social mentions
-
Anchore offers end-to-end security and compliance tools to help deploy containers with confidence.
Syft is a popular open source CLI tool created by Anchore for generating an SBOM from container images and filesystems. It’s designed to provide a catalog of dependencies for other tools to use as a data source. It supports many popular programming languages, package managers, and container image formats.
#Security #Security Monitoring #Online Services 5 social mentions