C

Container Scanning

DevGuard simplifies vulnerability management for developers by integrating key security practices directly into the CI/CD workflow. With DevGuard, you can seamlessly perform tasks such as Software Composition Analysis (SCA) and Container Scanning, ensuring that vulnerabilities are detected and addressed early in your pipeline.

Scan Docker images for known vulnerabilities

Go packages to implement analyzers

CLoudanix container image scanner component for CI/CD pipelines. This component can then be added to any project pipeline with required setup to start scanning image in project.

Veracode Container/IaC/Secrets Scanning Component This Veracode Container/IaC/Secrets Scanning Component runs the Veracode-CLI on any GitLab pipeline

About The Container/IaC/Secrets Scanning Component is designed to be used in a CI/CD pipeline to scan a local folder, remote repository, image or archive for 3rd party library vulnerabilities, infrastructure as code misconfigurations and stored secrets.

For more information on Pipeline Scan visit Veracode Help Center Page: https://docs.veracode.com/r/Veracode_Container_Security

Project for testing GitLab Container Scanning functionality.

Use for a demonstration of GitLab CI/CD/Security Dashboard integration with Trivy: https://gitlab.com/aquasecurity/trivy-ci-test