Task#4.1 Validating the tool by identifying insecure practices in GITHUB datasets

Question

Task#4.1 Validating the tool by identifying insecure practices in GITHUB datasets

Closed this issue 4 years ago · 0 comments

Initial RESULT from GITHUB dataset

Need to reopen this issue each time change in rules and code in #4 and #5

NO RBAC in 767 repositories out of 806
DEFAULT NAMESPACE COUNT---> 247
NO TLS --> 1005
NO RESOURCE LIMIT ---> 321
USERNAME ---> 407 PASSWORD---> 371 KEY----> 1171
PRIVILEGE ESCALATION--> 2 MISSING SECURITY CONTEXT--> 319 PRIVILEGED CONTAINER--> 16
ROOT PRIVILEGE --> 29
NO ROLLING UPDATE --> 392 out of 1813 instances
NETWORK POLICY MISSING in 153 repositories out of 806
NETWORK EGRESS POLICY MISSING in 153 repositories out of 806
FOUND 802 INSECURE repositories out of 806 repositories
FOUND 2005 INSECURE YAML files out of 11377 total files