miércoles, 4 de noviembre de 2020

Security along the Container-based SDLC - OSS Tool List

 Security along the Container-based SDLC - OSS Tool List
 
  • OWASP Dependency-Track - https://dependencytrack.org
    Type: SCA
    Description: Dependency-Track is an intelligent Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components.
    Dependency-Track monitors component usage across all versions of every application in its portfolio in order to proactively identify risk across an organization. The platform has an API-first design and is ideal for use in CI/CD environments.

  • OpenAM - https://github.com/OpenIdentityPlatform/OpenAM
    Type: IAM
    Description: Open Access Management (OpenAM) is an access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security.
    Cross Domain Single Sign On (CDSSO), SAML 2.0, OAuth 2.0 & OpenID Connect ensure that OpenAM integrates easily with legacy, custom and cloud applications without requiring any modifications. It's a developer-friendly, open-source control solution that allows you to own and protect your users digital identities.

  • AquaSec Kube-Bench - https://github.com/aquasecurity/kube-bench
    Type: Security Audit
    Description: Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark.
    Note that it is impossible to inspect the master nodes of managed clusters, e.g. GKE, EKS and AKS. It supports the tests for Kubernetes as defined in the CIS Benchmarks 1.3.0 to 1.5.0 respectively.

 

More...

No hay comentarios: