Container Security Tools
- 01. Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including OCI and docker).
- 02. Anchore is an open-source project for deep analysis of docker images - It also certifies a docker image telling whether it is secured or not.
- 03. Dagda is a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities.
- 04. Falco, the cloud-native runtime security project, is the de facto Kubernetes threat detection engine
- 05. Aqua Vulnerability Scanning and Management - Protect cloud native applications by minimizing their attack surface, detecting vulnerabilities, embedded secrets, and other security issues
- 06. The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
- 07. Harbor is an open source registry that secures artifacts with policies and role-based access control, ensures images are scanned and free from vulnerabilities, and signs images as trusted
- 08. JFrog Xray Vulnerability Scanning - Visibility into all of the underlying layers and dependencies of components, even those packaged in Docker images, and zip files.
- 09. Qualys Container Security - Discover, track and continuously secure containers – from build to runtime.
- 10. Docker Scan - Vulnerability scanning for Docker local images
- 11. Cilium is an open source software for providing, securing and observing network connectivity between container workloads
- 12. The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselines.
- 13. Banyan Collector: A framework to peek inside containers
- 14. hub-detect-ws is container-based Web Service for scanning (via the file signature-based iScan) and inspecting (via the Linux package manager-based image inspector) Docker images.
- 15. Batten - A Hardening and Auditing Tool For Docker Hosts & Containers