The repository demonstrates the use of Docker Scout in a CI/CD pipeline to examine vulnerabilities in container images. This demo was presented at Secure Open Source Software (SOSS) Community Days India 2024.

A tool to police docker images cves vulnerabilities through a policy manifest in your CI/CD pipeline

A shorthand GitHub Action for building Docker and pushing to ghcr.io and other repositories. An smaller alternative to combining qemu and other steps.

No description provided.

DockerCon23 Workshop on Secure Development with Docker

Bash utility to compare two Docker images using Syft and Grype

Security scan on Docker images using Grype, Trivy and Docker-Scout (.xlsx)

MCP server for Docker Scout - container security scanning

DevOps Engineer Project

A Github Actions pipeline that builds safer containers

Project to learn all docker tools

A secure, automated DevSecOps pipeline for deploying a website on AWS, featuring Jenkins CI/CD, SonarQube quality checks, and container security with Trivy and Docker Scout.

A web API in Python using Django with a basic front end where users can search the database. The project was done using DevOps tools and methodologies.

Dockerized-COPA is a containerized solution for patching vulnerable container images using Project Copacetic (COPA). It simplifies the process of updating container images with security patches without requiring a complete rebuild from source.

Docker Hardened Images Demo

🛡️ Detect misconfigurations in AWS accounts with a read-only security scanner that highlights critical risks and suggests action steps.

This is a demo about the integration of Docker Scout with GitHub actions using the CLI.