#Trivy
Showing 23 of 23 repositories tagged #trivy, ranked by stars
Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.
๐งต CLI tool for directly patching container images!
HummerRisk ๆฏไบๅ็ๅฎๅ จๅนณๅฐ๏ผๅ ๆฌๆททๅไบๅฎๅ จๆฒป็ๅไบๅ็ๅฎๅ จๆฃๆตใ
ValidKube combines the best open-source tools to help ensure Kubernetes YAML best practices, hygiene & security.
๐งน Cleaning up images from Kubernetes nodes
VULNRฮPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE,CVE,MITRE ATT&CK,PCI DSS, import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/DOCX, attachments, automatic changelog, stats, vulnerability management, bugbounty, local ai/llm, super fast pentest reporting!
Import Helm Charts to OCI registries, optionally with vulnerability patching
A set of curated exercises to help you prepare for the CKS exam
Implementing End-to-End CI/CD, IaC, and Monitoring using Kubernetes, GitOps (Argo CD), GitHub Actions, Terraform, AWS EKS, Prometheus, Grafana, and Kubecost.
A Trivy plugin that scans and outputs the results (vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more) to an interactive html file.
Udemy Course on DevSecOps
Trivy Operator Dashboard: A comprehensive tool for Trivy Operator. Offers various dashboards and interactive pages where you can browse and inspect Trivy Reports. Built with C#, .NET 10 (backend), Angular 21, and Node.js 24 (frontend).
A lightweight, Go-based VPS monitoring solution with real-time web dashboard supporting multiple agents. Monitor unlimited servers from a single dashboard overview analytics.
Vilicus is an open source tool that orchestrates security scans of container images(docker/oci) and centralizes all results into a database for further analysis and metrics.
Practice questions for Certified Kubernetes Security Specialist (CKS) exam
๐ DevOps intro elective โ 10 hands-on labs + 2 bonus building QuickNotes end-to-end: Git internals, CI/CD with GitHub Actions, OS & networking, Vagrant VMs, Docker, Ansible, golden-signal monitoring, Trivy + ZAP scanning, and free-tier cloud deployment.
๐ DevSecOps intro elective โ 10 hands-on labs + 2 bonus hardening OWASP Juice Shop: threat modeling (STRIDE/Threagile), signed commits & secret scanning, SBOM/SCA, SAST + DAST, IaC security (Checkov/KICS), container & supply-chain hardening (Trivy, Cosign), runtime detection with Falco, and DefectDojo vuln management.
DevOps-MasterPiece Project using Git, GitHub, Jenkins, Maven, JUnit, SonarQube, Jfrog Artifactory, Docker, Trivy, AWS S3, Docker Hub, GitHub CLI, EKS, ArgoCD, Prometheus, Grafana, Slack and Hashicorp Vault
A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard) and Kubescape.
Trivy plugin for starting an MCP server
Building FlashFathom AI SAAS project that generate Flascards - Deployment Using DevSecOps Best Practices
Deploy a Netflix clone application using a secure CI/CD pipeline built with Jenkins, Docker ๐ณ , and Kubernetes โธ๏ธ. This project includes implementing code quality and security tools (SonarQube, Trivy), as well as monitoring solutions (Prometheus, Grafana) to ensure reliability and visibility
This solution provides an overview of DevSecOps CICD Pipeline Implementation using AWS DevOps Services and other tools