Check Trivy Vulnerability Scan through Kyverno in-cluster policies

preview_player
Показать описание
This tutorial includes three parts
1️⃣ Scanning your container image for vulnerabilities
2️⃣ Create a Cosign attestation that it has been scanned
3️⃣ Deploy in-cluster policies that verify the container image that will be deployed has been scanned.

📽️ If you are completely new to Kyverno, have a look at the video on Anais' YouTube Channel -- this also showcases how to deploy Kyverno in your cluster:

📽️ If you are new to Cosign, check out our latest YouTube video:

This video is based on the blog by Chip Zoller

📚Resources 📚

⭐Give our projects a star on GitHub⭐

⏱️Timestamps⏱️
00:00 -- Intro
00:40 -- Scan Container Images for Vulnerabilities
02:23 -- Cosign Attestation for Vulnerability Scan
04:06 -- Kyverno Policy
05:52 -- Deployment to verify policy
07:28 -- Outro
  1. Aqua Security Open Source
  2. DevSecOps
  3. Kubernetes
  4. cluster
  5. docker
  6. container
Рекомендации по теме
Check Trivy Vulnerability 0:08:10

Check Trivy Vulnerability Scan through Kyverno in-cluster policies

Docker vulnerability scanning 0:07:14

Docker vulnerability scanning tool | Trivy

Trivy Vulnerability Scanner 0:15:27

Trivy Vulnerability Scanner Tool For DevSecOps 🔥🔥

Docker Container Security: 0:21:05

Docker Container Security: Scanning for Vulnerabilities with Trivy (Correction in Description)

Trivy Docker Desktop 0:06:05

Trivy Docker Desktop Extension for unlimited vulnerability scanning

Scan any Git 0:11:40

Scan any Git Repository for Security Issues with Trivy

Full tutorial: Continous 0:21:30

Full tutorial: Continous in-cluster security scanning with the Trivy Operator

Docker vulnerability scanning 0:12:57

Docker vulnerability scanning tool | Trivy | How to fix vulnerabilities using by Chainguard - PART 2

Filtering vulnerabilities by 0:07:21

Filtering vulnerabilities by status -- Trivy Security Scanning

Kubernetes Security - 0:24:12

Kubernetes Security - Scan images for known vulnerabilities Trivy Anchore CLI- 21

How to scan 0:12:49

How to scan container images for security vulnerabilities using Trivy

Generate SBOMs with 0:10:16

Generate SBOMs with Trivy & Scan SBOMs for vulnerabilities

All-In-One Open Source 0:20:40

All-In-One Open Source Security Scanner | Docker Image Analysis with Trivy

Kubernetes security scanning 0:16:47

Kubernetes security scanning with Trivy CLI and Trivy Operator

Misconfiguration Scanning with 0:10:01

Misconfiguration Scanning with Trivy -- Ep. 2 Trivy Overview

Trivy vulnerability scanner 0:00:41

Trivy vulnerability scanner - open source security tools

Trivy | Comprehensive 0:05:29

Trivy | Comprehensive security scanner!

Trivy Vulnerability 0:42:05

Trivy Vulnerability Scanning

Trivy demo- container 0:04:42

Trivy demo- container vulnerability scanner

Security Scanning in 0:11:31

Security Scanning in your CI/CD pipeline through GitHub Actions with Trivy

Container Image Scanning 0:06:03

Container Image Scanning with Trivy -- Ep. 1 Trivy Overview

Installing Harbor registry 0:06:29

Installing Harbor registry with Trivy vulnerability scanning

Secret Scanning with 0:03:49

Secret Scanning with Trivy -- Container Images, Filesystems, IaC

Master Docker Security: 0:18:21

Master Docker Security: How to Scan Images with Trivy | Complete Guide | CodeKamikaze | DevSecOps

Комментарии
Автор

Thank you for this great demo. I just wanted to point out that the deployment-two file did not get blocked because the image was not scanned, but because it didn't exist on docker hub.
I can fill in the blacks though.

MrWieman
Автор

Great session! Love to see the three projects work so great together!

dirien