Description

We've developed a monitoring tool that is able to scan virtual machine images published in the public clouds by SUSE for CVEs and trigger their refresh once the fix is available.

Currently we're missing the possibility to scan containers and provide the same type of information for the containers we ship.

Goals

The project goal is to be able to scan containers automatically and integrate the tool in our automated pipeline

Looking for hackers with the skills:

Nothing? Add some keywords!

This project is part of:

Hack Week 24

Activity

  • 23 days ago: amunoz started this project.
  • 28 days ago: amunoz originated this project.

  • Comments

    • amunoz
      23 days ago by amunoz | Reply

      A PoC was built in the container_scanning branch of the cve-monitor tool we use. The tool was able to scan containers using Neuvector and Trivy

    Similar Projects

    This project is one of its kind!