trivy operator

We have hosted the application trivy operator in order to run this application in our online workstations with Wine or directly.

Quick description about trivy operator:

The Trivy Operator leverages Trivy to continuously scan your Kubernetes cluster for security issues. The scans are summarised in security reports as Kubernetes Custom Resource Definitions, which become accessible through the Kubernetes API. The Operator does this by watching Kubernetes for state changes and automatically triggering security scans in response. For example, a vulnerability scan is initiated when a new Pod is created. This way, users can find and view the risks that relate to different resources in a Kubernetes-native way. The Trivy Operator automatically generates and updates security reports. These reports are generated in response to new workload and other changes on a Kubernetes cluster.

Features:

• Automated vulnerability scanning for Kubernetes workloads
• Automated configuration audits for Kubernetes resources with predefined rules or custom Open Policy Agent (OPA) policies
• Automated secret scans which find and detail the location of exposed Secrets within your cluster
• Role Based Access Control scans provide detailed information on the access rights of the different resources installed
• K8s core component infra assessment scan Kubernetes infra core components (etcd,apiserver,scheduler,controller-manager and etc) setting and configuration
• CIS Kubernetes Benchmark v1.23 cybersecurity technical report is produced

Programming Language: Go.
Categories: