Skip to content

Commit

Permalink
docs: add SecObserve in CI/CD and reporting (aquasecurity#6139)
Browse files Browse the repository at this point in the history
  • Loading branch information
StefanFl authored Feb 15, 2024
1 parent aadbad1 commit 73dde32
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 0 deletions.
8 changes: 8 additions & 0 deletions docs/ecosystem/cicd.md
Original file line number Diff line number Diff line change
Expand Up @@ -79,3 +79,11 @@ You can use Trivy Resource in Concourse for scanning containers and introducing
It has capabilities to fail the pipeline, create issues, alert communication channels (using respective resources) based on Trivy scan output.
👉 Get it at: <https://github.com/Comcast/trivy-resource/>
## SecObserve GitHub actions and GitLab templates (Community)
[SecObserve GitHub actions and GitLab templates](https://github.com/MaibornWolff/secobserve_actions_templates) run various vulnerability scanners, providing uniform methods and parameters for launching the tools.
The Trivy integration supports scanning Docker images and local filesystems for vulnerabilities as well as scanning IaC files for misconfigurations.
👉 Get it at: <https://github.com/MaibornWolff/secobserve_actions_templates>
5 changes: 5 additions & 0 deletions docs/ecosystem/reporting.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,3 +19,8 @@ A Trivy plugin that scans and outputs the results to an interactive html file.
Trivy-Streamlit is a Streamlit application that allows you to quickly parse the results from a Trivy JSON report.

👉 Get it at: <https://github.com/mfreeman451/trivy-streamlit>

## SecObserve (Community)
SecObserve can parse Trivy results as CycloneDX reports and provides an unified overview of vulnerabilities from different sources. Vulnerabilities can be evaluated with manual and rule based assessments.

👉 Get it at: <https://github.com/MaibornWolff/SecObserve>

0 comments on commit 73dde32

Please sign in to comment.