Category Archives: DEVOPS

huskyCI – Performing Security Tests Inside your CI

huskyCI is an open-source tool that orchestrates security tests inside CI pipelines of multiple projects and centralizes all results into a database

Trivy – Vulnerability Scanner for Containers, Suitable for CI

Trivy (tri pronounced like trigger, vy pronounced like envy) is a simple and comprehensive vulnerability scanner for containers and other artifacts.

Weave Scope – Kubernetes Monitoring Framework

Weave Scope is a visualization and monitoring tool for Docker and Kubernetes. It provides a top-down view into your app as well

PyUp – Tool to Update Project’s Dependencies

PyUp is a tool that you can use to scan private and public Python dependencies for updates and vulnerabilities. The tool maintains a comprehensive

Kube-Bench – CIS Kubernetes Benchmark Assessor

kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark.

Kube-Scan – Kubernetes Risk Assessment Tool

Kube-Scan gives a risk score, from 0 (no risk) to 10 (high risk) for each workload. The risk is based on the runtime configuration of each workload

Threat Dragon – Online Threat Modelling Tool from OWASP

Threat Dragon is a free, open-source, cross-platform threat modelling application including system diagramming and a threat rule engine