
Tools Description

The following tools make up the automated scanning pipeline and the delivery of its reports.

Trivy Container

  • Functionality: Trivy is an open source vulnerability scanner for container images and Kubernetes clusters; it is commonly used to find vulnerabilities on the infrastructure side as well as in application images.
  • Capabilities:
    • Multiple Output Formats: Supports table (text), JSON, CycloneDX and template-driven formats such as XML for integration with other tools.
    • Flexible Target Specification: Can scan a single namespace, a whole cluster or a specific resource.
    • Broad Vulnerability Coverage: Detects a variety of security weaknesses and exposures (OS and language package vulnerabilities, misconfigurations, exposed secrets).
    • Automation-Friendly: Easily integrates into automated workflows and pipelines; its exit code and severity filters let it act as a gate.
  • Updates: The vulnerability database is refreshed at least twice a day, so newly published vulnerabilities stay in scope.
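The JSON output is what makes Trivy usable downstream of the scan itself. The script below is an added example (not code from the page's pipeline or from the Trivy project) that reads a Trivy JSON report and applies the same gate that `trivy --severity CRITICAL,HIGH --ignore-unfixed --exit-code 1` applies at scan time, but on the saved artifact, so the rule can be enforced wherever the report is consumed. The embedded report is constructed for the example; the image name is a placeholder and the package/version pairs are illustrative only.

```python
"""Post-process a Trivy JSON report (trivy image ... --format json).

Added example, not part of the page's pipeline: it reproduces the gate that
`trivy --severity CRITICAL,HIGH --ignore-unfixed --exit-code 1` applies, but
on the saved JSON artifact, so the same rule can be enforced downstream."""
import json
import sys

# Constructed sample in the shape of Trivy's JSON output (SchemaVersion 2).
# Not a real scan result: the package/version pairs are illustrative only.
SAMPLE_REPORT = {
    "SchemaVersion": 2,
    "ArtifactName": "registry.example.internal/app:1.4.2",
    "ArtifactType": "container_image",
    "Results": [
        {
            "Target": "registry.example.internal/app:1.4.2 (debian 12.5)",
            "Class": "os-pkgs",
            "Type": "debian",
            "Vulnerabilities": [
                {"VulnerabilityID": "CVE-2023-45853", "PkgName": "zlib1g",
                 "InstalledVersion": "1:1.2.13.dfsg-1", "FixedVersion": "",
                 "Severity": "CRITICAL"},
                {"VulnerabilityID": "CVE-2023-4863", "PkgName": "libwebp7",
                 "InstalledVersion": "1.2.4-0.2", "FixedVersion": "1.2.4-0.2+deb12u1",
                 "Severity": "HIGH"},
            ],
        },
        {
            "Target": "Java",
            "Class": "lang-pkgs",
            "Type": "jar",
            "Vulnerabilities": [
                {"VulnerabilityID": "CVE-2021-44228",
                 "PkgName": "org.apache.logging.log4j:log4j-core",
                 "InstalledVersion": "2.14.1", "FixedVersion": "2.15.0",
                 "Severity": "CRITICAL"},
            ],
        },
        # Targets with no findings carry no "Vulnerabilities" key at all.
        {"Target": "Dockerfile", "Class": "config", "Type": "dockerfile"},
    ],
}


def iter_vulns(report):
    """Yield (target, finding) for every vulnerability in every result."""
    for result in report.get("Results", []):
        for vuln in result.get("Vulnerabilities") or []:
            yield result.get("Target", "?"), vuln


def summarize(report):
    """Count findings per severity, split by whether a FixedVersion exists."""
    summary = {}
    for _, vuln in iter_vulns(report):
        bucket = summary.setdefault(vuln.get("Severity", "UNKNOWN"),
                                    {"fixable": 0, "unfixed": 0})
        bucket["fixable" if vuln.get("FixedVersion") else "unfixed"] += 1
    return summary


def gate(report, fail_on=("CRITICAL", "HIGH"), ignore_unfixed=True):
    """Return the findings that should fail the pipeline.

    ignore_unfixed mirrors Trivy's --ignore-unfixed: a finding the distro has
    not shipped a fix for cannot be remediated by rebuilding, so it is still
    reported in the summary but does not block."""
    offenders = []
    for target, vuln in iter_vulns(report):
        if vuln.get("Severity") not in fail_on:
            continue
        if ignore_unfixed and not vuln.get("FixedVersion"):
            continue
        offenders.append({
            "target": target,
            "id": vuln["VulnerabilityID"],
            "pkg": vuln["PkgName"],
            "installed": vuln["InstalledVersion"],
            "fixed": vuln["FixedVersion"],
            "severity": vuln["Severity"],
        })
    return offenders


def main(argv):
    # Usage: python trivy_gate.py [report.json]; without a path the sample is used.
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8") as fh:
            report = json.load(fh)
    else:
        report = SAMPLE_REPORT
    print("artifact:", report.get("ArtifactName"))
    for severity, counts in sorted(summarize(report).items()):
        print(f"  {severity:<9} fixable={counts['fixable']} unfixed={counts['unfixed']}")
    offenders = gate(report)
    for o in offenders:
        print(f"  BLOCK {o['severity']} {o['id']} {o['pkg']} {o['installed']} -> {o['fixed']}")
    return 1 if offenders else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it against a real report with `trivy image --format json -o report.json <image>` followed by `python trivy_gate.py report.json`. Note that the unfixed CRITICAL finding in the sample is counted in the summary but does not block, which is the behaviour you want when the base image's distribution has not shipped a fix; drop `ignore_unfixed` (or set it to False) if policy requires blocking on those too.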

Trivy Operator

  • Functionality: The same scanner as above, but the big difference is that it runs inside Kubernetes and is triggered automatically whenever a Kubernetes component or application changes.
  • Capabilities:
    • Fast Scanning: Runs its different scanners in parallel.
    • Automation-Friendly: Triggered automatically when a new resource is deployed; results are stored in the cluster as custom resources (for example VulnerabilityReport).
    • Broad Vulnerability Coverage: Detects a variety of security weaknesses and exposures.
    • Detailed Reporting: Generates comprehensive reports for vulnerabilities and compliance that support remediation planning.
  • Updates: Continuously updated with enhancements for speed, accuracy, and additional features.

Trivy Reporter

  • Functionality: This operator sends reports to Defect Dojo automatically once they are generated by Trivy Operator.
  • Capabilities:
    • Integration-Ready: Designed to work alongside Trivy Operator, picking up its reports and forwarding them.
  • Updates: Community and developers regularly update the tool's features.

Kubernetes CronJob

  • Functionality: A component developed specifically for this pipeline that sends all reports to an S3 bucket, so that the full history is kept in one place.
  • Capabilities:
    • Automation-Friendly: Triggered automatically on whatever schedule we choose for sending the reports.
  • Updates: Maintained in-house alongside the pipeline. It has no vulnerability database of its own; keeping Trivy's database current is what keeps its exports current.
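What such a job actually has to do is list the operator's VulnerabilityReport objects, serialise them and write them to the bucket under keys that stay browsable over time. The script below is an added example of that payload; it is not the pipeline's own CronJob code. It assumes the job's container has kubectl, boto3 and AWS credentials available (for example through a service account role), that the service account may get/list vulnerabilityreports.aquasecurity.github.io, and the key layout under the bucket is a hypothetical choice. The two embedded reports are constructed in the shape Trivy Operator writes, trimmed to the fields used, with invented names and counts.

```python
"""Export Trivy Operator VulnerabilityReports to S3.

Added example of what the page's CronJob could run; it is not the pipeline's
own code. Assumed container contents: kubectl, boto3 and AWS credentials. The
key layout under the bucket is a hypothetical choice."""
import json
import subprocess
import sys
from datetime import datetime, timezone

PREFIX = "trivy-operator/vulnerabilityreports"  # hypothetical prefix

# Constructed sample: two VulnerabilityReport objects in the shape Trivy
# Operator writes (apiVersion aquasecurity.github.io/v1alpha1), trimmed to
# the fields used here. Names and counts are invented for the example.
SAMPLE_ITEMS = [
    {"apiVersion": "aquasecurity.github.io/v1alpha1", "kind": "VulnerabilityReport",
     "metadata": {"name": "replicaset-api-7d9f8c-api", "namespace": "payments"},
     "report": {"artifact": {"repository": "team/api", "tag": "1.4.2"},
                "summary": {"criticalCount": 1, "highCount": 3, "mediumCount": 4,
                            "lowCount": 0, "unknownCount": 0}}},
    {"apiVersion": "aquasecurity.github.io/v1alpha1", "kind": "VulnerabilityReport",
     "metadata": {"name": "daemonset-node-exporter-node-exporter",
                  "namespace": "monitoring"},
     "report": {"artifact": {"repository": "prom/node-exporter", "tag": "v1.7.0"},
                "summary": {"criticalCount": 0, "highCount": 0, "mediumCount": 2,
                            "lowCount": 5, "unknownCount": 0}}},
]


class DryRunS3:
    """Stand-in for a boto3 S3 client: records put_object calls instead of uploading."""

    def __init__(self):
        self.calls = []

    def put_object(self, **kwargs):
        self.calls.append(kwargs)
        print(f"dry-run: s3://{kwargs['Bucket']}/{kwargs['Key']} ({len(kwargs['Body'])} bytes)")


def s3_key(item, day):
    """One object per report, partitioned by day and namespace so that one
    day's cluster snapshot can be listed with a single prefix."""
    meta = item["metadata"]
    return f"{PREFIX}/{day}/{meta['namespace']}/{meta['name']}.json"


def fleet_summary(items):
    """Add up the operator's per-report counters across the whole cluster."""
    totals = {"critical": 0, "high": 0, "medium": 0, "low": 0, "unknown": 0}
    for item in items:
        counters = item["report"]["summary"]
        for key in totals:
            totals[key] += counters.get(f"{key}Count", 0)
    totals["reports"] = len(items)
    return totals


def upload_reports(items, bucket, client, day=None):
    """Upload every report plus a per-day summary; returns the keys written.

    `client` only needs put_object, so a real boto3 client or DryRunS3 both work."""
    day = day or datetime.now(timezone.utc).strftime("%Y-%m-%d")
    keys = []
    for item in items:
        key = s3_key(item, day)
        # Reports name internal images and their unpatched CVEs: encrypt at rest.
        client.put_object(Bucket=bucket, Key=key,
                          Body=json.dumps(item).encode("utf-8"),
                          ContentType="application/json",
                          ServerSideEncryption="AES256")
        keys.append(key)
    summary_key = f"{PREFIX}/{day}/_summary.json"
    client.put_object(Bucket=bucket, Key=summary_key,
                      Body=json.dumps(fleet_summary(items)).encode("utf-8"),
                      ContentType="application/json",
                      ServerSideEncryption="AES256")
    keys.append(summary_key)
    return keys


def fetch_reports():
    """List every VulnerabilityReport in the cluster. The CronJob's service
    account needs get/list on vulnerabilityreports.aquasecurity.github.io."""
    out = subprocess.run(["kubectl", "get", "vulnerabilityreports", "-A", "-o", "json"],
                         check=True, capture_output=True, text=True).stdout
    return json.loads(out)["items"]


if __name__ == "__main__":
    # Usage: python export_reports.py <bucket> [--dry-run]
    bucket = sys.argv[1]
    if "--dry-run" in sys.argv:
        client, items = DryRunS3(), SAMPLE_ITEMS  # no cluster or AWS access needed
    else:
        import boto3  # only needed for a real run
        client, items = boto3.client("s3"), fetch_reports()
    written = upload_reports(items, bucket, client)
    print(f"wrote {len(written)} objects to s3://{bucket}/{PREFIX}/")
```

`python export_reports.py reports-bucket --dry-run` prints the keys that would be written without touching the cluster or S3, which is the quickest way to check the layout before wiring the script into the CronJob. Because the job writes one object per report per day, give the bucket a lifecycle rule to expire old prefixes, and let the job's credentials write only under that prefix.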

Defect Dojo

  • Functionality: Defect Dojo is a security program and vulnerability management tool. It centralizes and streamlines the management of security programs, allowing for efficient tracking, measurement, and reporting of vulnerabilities.
  • Capabilities:
    • Vulnerability Management: Enables tracking and management of vulnerabilities discovered across different tools and tests.
    • Reporting and Metrics: Offers comprehensive reporting features for understanding security postures and metrics.
    • Integration with CI/CD: Integrates with CI/CD pipelines so scan results are imported automatically, typically through its REST API.
    • Customization and Flexibility: Allows customizations to fit various workflow requirements and integrates with other tools via its APIs.
  • Updates: Regularly updated with enhancements for functionality, usability, and security.
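The automated import that the CI/CD integration relies on is a single multipart POST to the import-scan endpoint. The script below is an added example of that call, not code from the page's pipeline or from Defect Dojo itself; it imports a Trivy JSON report with the "Trivy Scan" parser, which is the same mechanism the Reporter operator above uses for Trivy Operator reports. The host name, product name and engagement name are placeholders, the embedded report is constructed, and the form field names follow Defect Dojo's v2 API (check them against your instance's /api/v2/swagger/ page before relying on them).

```python
"""Import a Trivy JSON report into Defect Dojo through its REST API.

Added example, not code from the page's pipeline or from Defect Dojo itself.
Hostname, product and engagement names are placeholders. Field names follow
Defect Dojo's v2 API; confirm them against your instance's /api/v2/swagger/."""
import json
import urllib.request
import uuid

# Constructed, minimal Trivy JSON report used as the upload payload.
SAMPLE_REPORT = json.dumps({
    "SchemaVersion": 2,
    "ArtifactName": "registry.example.internal/app:1.4.2",
    "Results": [{"Target": "Java", "Class": "lang-pkgs", "Type": "jar",
                 "Vulnerabilities": [{"VulnerabilityID": "CVE-2021-44228",
                                      "PkgName": "org.apache.logging.log4j:log4j-core",
                                      "InstalledVersion": "2.14.1",
                                      "FixedVersion": "2.15.0",
                                      "Severity": "CRITICAL"}]}],
}).encode("utf-8")

# Form fields for /api/v2/import-scan/. auto_create_context lets the API
# create the product/engagement on first import instead of needing their ids.
SAMPLE_FIELDS = {
    "scan_type": "Trivy Scan",
    "product_name": "app",                 # placeholder
    "engagement_name": "CI image scans",   # placeholder
    "auto_create_context": "true",
    "active": "true",
    "verified": "false",
    "minimum_severity": "Low",
    "close_old_findings": "true",  # findings absent from this upload get closed
}


def build_multipart(fields, file_field, filename, content, boundary=None):
    """Encode text fields plus one file as multipart/form-data (RFC 7578).
    Returns (body, content_type) ready for urllib."""
    boundary = boundary or uuid.uuid4().hex
    parts = []
    for name, value in fields.items():
        parts += [f"--{boundary}".encode(),
                  f'Content-Disposition: form-data; name="{name}"'.encode(),
                  b"", str(value).encode("utf-8")]
    parts += [f"--{boundary}".encode(),
              (f'Content-Disposition: form-data; name="{file_field}"; '
               f'filename="{filename}"').encode(),
              b"Content-Type: application/json", b"", content]
    parts += [f"--{boundary}--".encode(), b""]
    return b"\r\n".join(parts), f"multipart/form-data; boundary={boundary}"


def build_import_request(base_url, api_token, fields, report_bytes, filename="trivy.json"):
    """Build the POST for /api/v2/import-scan/ with token authentication."""
    body, content_type = build_multipart(fields, "file", filename, report_bytes)
    return urllib.request.Request(
        f"{base_url.rstrip('/')}/api/v2/import-scan/",
        data=body,
        headers={"Authorization": f"Token {api_token}",
                 "Content-Type": content_type,
                 "Accept": "application/json"},
        method="POST",
    )


def import_scan(base_url, api_token, fields, report_bytes, timeout=60):
    """Send the import and return Defect Dojo's JSON response."""
    req = build_import_request(base_url, api_token, fields, report_bytes)
    # urlopen raises HTTPError on 4xx/5xx, so a rejected import fails the job.
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)


if __name__ == "__main__":
    import os
    # DD_URL / DD_TOKEN are placeholder variable names for this example;
    # keep the token in a secret, never in the job spec or the image.
    result = import_scan(os.environ["DD_URL"], os.environ["DD_TOKEN"],
                         SAMPLE_FIELDS, SAMPLE_REPORT)
    print(json.dumps(result, indent=2))
```

Two points worth checking on a real run: use a dedicated API user whose permissions are limited to the product it imports into, since the token ends up in CI, and send the engagement as a name with auto_create_context only if you want imports to create engagements on their own; otherwise pass the numeric engagement id and keep creation a manual step.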