Bytes | Software Development & Data Engineering Community

An open source container security detection tool

Recently I have been researching open-source container security tools and found many excellent projects, including trivy, anchor, etc., which do a good job at vulnerability detection, while there are not many projects focusing on other kinds of security detection. So I became more interested in Chaitin's open-source container security toolset, and I am recording the process of using it for the first time.

First, let's take a look at the specific functions from the official description:
1. Supports detection of abnormal historical commands, malicious files, weak passwords, sensitive information, backdoors, etc.
2. Supports image asset inventory: inventories images and the software assets inside images.
3. Supports scanning of local images and repository images, and integrates with mainstream image repositories such as Docker Hub.
4. Supports mainstream CI/CD integration such as GitHub Actions and Jenkins.
5. Runs in parallel container mode, no separate compilation needed, out of the box.
6. Adapts to a variety of container runtimes.

## 1. Use the runner program to detect five kinds of threats in local images

- `./parallel-container-run.sh scan-host -h`: view the command parameters for scanning local images
- `./parallel-container-run.sh scan-host`: scan all local images with all identified plugins
- `./parallel-container-run.sh list plugin`: view the current list of plugins
- `./parallel-container-run.sh scan-host -g "**/veinmind-weakpass"`: scan only with the weak password plugin

## 2. Use the host program to detect repository images

- `./parallel-container-run.sh scan-registry -h`: view the command parameters for scanning a remote repository
- `./parallel-container-run.sh scan-registry oodo`: try scanning the oodo image in the Docker Hub public repository

## 3. Integrated use in GitHub Actions / GitLab / Jenkins

I'll go directly with the official screenshots here; I just didn't want to try it myself.

## 4. Summary
After simple use, it is very easy to get started, with almost no learning cost. Several pieces of sensitive information and weak passwords were detected when scanning the local images. Looking at the introduction of the malicious sample detection integrated with VT, it seems quite reliable. I hope the official team will continue to increase the tool's detection rules. The Jenkins integration mentioned in an issue during my research was delivered so quickly. Yes, it seems that it is maintained by dedicated personnel, and the project activity is quite high.

You can search for veinmind on GitHub to find it. Thanks for reading.