| Security activity | Tools |
|---|---|
| Threat modeling | Threat Dragon, CAIRIS |
| Secret scan | detect-secrets, Gitleaks, git-secrets |
| SBOM scan | Syft, Grype, Trivy, Dependency-Check, Dependency-Track |
| SAST scan | SonarQube, Checkmarx, Veracode, Klocwork |
| Unit testing | JaCoCo, Mocha, Jasmine |
| Dockerfile scan | Checkov, docker scan |
| Container scan | Trivy, Grype, Clair, docker scan, Aqua scan |
| Container signing | Cosign, Skopeo |
| Container validation | goss, kgoss |
| Kubernetes manifest scan | Checkov, Terrascan, KubeLinter |
| Kubernetes manifest pre-check | Kyverno, Kubewarden, Gatekeeper |
| CIS scan | kube-bench, CIS-CAT Pro, Prowler |
| IaC scan | Checkov, Terrascan, KICS, Terratest |
| API testing | JMeter, Taurus, Postman, SoapUI |
| DAST scan | ZAP, HCL AppScan, Burp Suite, Invicti, Checkmarx, InsightAppSec |
| Distributed tracing | Zipkin, Jaeger |
| Cloud native runtime security | Falco, Tetragon, KubeArmor, Tracee |
| Service mesh | Istio, Linkerd, Cilium, Traefik |
| Network security scan | Nmap, Wireshark, tcpdump, OpenVAS, Metasploit |
| Antivirus scan | Falcon, SentinelOne, ClamAV |
| OS vulnerability scan | OpenVAS, Nessus, Nexpose |
| OS patching | Foreman, Red Hat Satellite, Uyuni |
| Pen testing | ZAP, Metasploit, Burp Suite |