brinhosa/awesome-containerized-security

A collection of tools to improve your containerized apps security posture

awesome-containerized-security

A collection of tools to improve your containerized apps security posture.

This aspires to be a curated list of awesome tools you can use in order to improve your security posture. The focus is on containerized applications.

Want to add something? Open a PR :)

Github Action examples coming soon, providing easy-to-use examples for your CI pipeline

Static code analysis

• semgrep
• sonarqube
• deepsource
• embold
• OWASP code crawler
• OWASP Orizon
• snyk code

Image scanning

• docker scan
• AWS ECR Image Scanning
• Azure Container Registry scanning

Container Scanning

• snyk
• google cloud Container Scanning
• gitlab container scanning
• clair
• docker bench security
• dagda
• harbor
• jfrog xray
• qualys
• aquasec
• twistlock

Container Security Tools

• kyverno
• falco
• cert-manager
• anchore
• ksniff sniff k8s pods traffic
• k8s pod security policies

Kubernetes cluster security

• kube-hunter
• k8s network policies
• eksuser
• gatekeeper
• kube-bench
• kube-scan cluster risk assessment
• teleport
• kubescape misconfiguration scanning

Runtime level security

• sysbox

Dependencies management

• dependabot
• renovate
• greenkeeper for npm dependencies
• doppins
• tidelift
• fossa

Attack Surface Management

• detectify

Web Application Scanning

• detectify
• qualys