- OWASP Dependency-Track - https://dependencytrack.org
Type: SCADescription: Dependency-Track is an intelligent Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components.
Dependency-Track monitors component usage across all versions of every application in its portfolio in order to proactively identify risk across an organization. The platform has an API-first design and is ideal for use in CI/CD environments. - OpenAM - https://github.com/OpenIdentityPlatform/OpenAM
Type: IAMDescription: Open Access Management (OpenAM) is an access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security.
Cross Domain Single Sign On (CDSSO), SAML 2.0, OAuth 2.0 & OpenID Connect ensure that OpenAM integrates easily with legacy, custom and cloud applications without requiring any modifications. It's a developer-friendly, open-source control solution that allows you to own and protect your users digital identities. - AquaSec Kube-Bench - https://github.com/aquasecurity/kube-bench
Type: Security Audit
Description: Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark.
Note that it is impossible to inspect the master nodes of managed clusters, e.g. GKE, EKS and AKS. It supports the tests for Kubernetes as defined in the CIS Benchmarks 1.3.0 to 1.5.0 respectively.
No hay comentarios:
Publicar un comentario