An open-source project that provides a centralized service for inspection, analysis, and certification of container images. The Anchore engine is core to many Anchore deployments, used to analyze and scan Docker and OCI container images for security vulnerabilities and policy issues.
Part of the Anchore Enterprise suite, it provides policy-based compliance checks to ensure your containers meet your organizational requirements. It allows the definition and enforcement of custom policies for CI/CD pipelines.
Grype is Anchore's fast and lightweight OS package and library vulnerability scanner for containers and filesystems.
AnchoreCTL is a command-line tool that leverages Anchore Engine to conduct vulnerability scans, generate policy evaluations, and perform other Anchore operations. Its Policies Report generates a detailed report on the policies applied during the analysis.
Similar to the Policies Report, but focused on generating reports that provide detailed information on any vulnerabilities found during the scanning process by AnchoreCTL.
A security solution that specializes in container security, providing comprehensive vulnerability scanning and policy enforcement to ensure continuous security and compliance of containerized applications.
An open-source web application security scanner which identifies and mitigates vulnerabilities, enhancing the security of web applications.
An open-source tool that helps you secure AWS environments following best practices defined in the AWS Well-Architected Framework, and other standards, by performing extensive configuration and security checks.
An updated version of AWS Prowler Scan, providing enhanced features and updated security checks to help maintain the security posture of AWS environments.
A security auditing tool that allows users to review the security configuration of their AWS environments, providing a clear report of potential security weaknesses and risks.
A centralized service that consolidates findings from various AWS services and third-party products to help you analyze and identify security findings in your AWS environment.
A tool from Microsoft Azure that provides unified security management and advanced threat protection, helping users to adhere to recommended best practices and secure their Azure environments.
An interface that allows for integration with the BlackDuck software, which is used to secure and manage open source software in applications and containers, automating the process of identifying and mitigating open source security, license compliance and operational risks.
A tool within the BlackDuck software suite that is utilized for identifying and managing risks associated with the components used in your software applications, helping to pinpoint and mitigate security, license, and operational risks.
A scanning tool from the BlackDuck suite that helps in identifying the open-source components in your software and highlights any associated risks, including potential security vulnerabilities and license compliance issues.
A part of the Burp Suite, it allows for scanning and testing of GraphQL APIs to identify potential vulnerabilities and security issues, helping to secure applications that are utilizing GraphQL technology.
An extension of the Burp Suite, enabling integration with the REST API to facilitate automated scanning processes and other functionalities, allowing for a more streamlined approach to web application security.
A Rust language tool that leverages Cargo, Rust's package manager, to audit Rust projects for known vulnerabilities reported in the RustSec advisory database, helping developers maintain secure and vulnerability-free Rust applications.
An open-source tool for infrastructure as code (IaC) static code analysis that scans cloud infrastructure configured using Terraform, CloudFormation, Kubernetes, and other frameworks for security misconfigurations and compliance violations.
A combination of Clair, an open-source vulnerability scanner for containers, and Klar, a CLI tool that integrates with Clair for vulnerability analyses, providing a detailed report on potential security issues in Docker containers.
An open-source project that performs static analysis of container images to identify security vulnerabilities and other issues, helping organizations maintain secure container environments.
An open-source tool that performs static code analysis on AWS, Azure, and GCP infrastructures to identify security misconfigurations and compliance violations, helping in securing cloud environments effectively.
An open-source script that checks for dozens of common best-practices around deploying Docker containers in production, helping to secure Docker configurations and prevent vulnerabilities.
A container image linter that helps in identifying and solving container-related security issues, misconfigurations, and best practice violations, enhancing the security posture of your containerized applications.
A GitLab feature that allows for the automated scanning of API structures using fuzz testing techniques to uncover vulnerabilities and security flaws, enhancing API security through early detection of issues.
A GitLab feature that performs security scans on container images to identify vulnerabilities before deployment, helping to secure containerized applications by ensuring they are free of known vulnerabilities.
A static analysis tool for Dockerfiles that helps in identifying issues with Dockerfile configurations according to best practices, aiming to reduce potential security and performance issues in Docker containers.
A feature of the Harbor container registry that scans container images for vulnerabilities, assisting organizations in identifying and mitigating security issues before deploying the containers in production environments.
KICS (Keeping Infrastructure as Code Secure) scans infrastructure as code (IaC) configurations to identify security vulnerabilities and compliance issues, assisting in maintaining secure and compliant IaC setups.
A tool that checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark, helping to ensure the secure configuration of Kubernetes environments.
kube-hunter hunts for security weaknesses in Kubernetes clusters.
A component of the NeuVector container security platform that focuses on ensuring compliance with various regulatory and security standards, helping organizations to maintain compliant container environments.
A REST API provided by the NeuVector container security platform that allows for integration with other systems and automation of security tasks, aiding in the streamlined management of container security.
A vulnerability management solution from Rapid7 that scans networks to identify vulnerabilities and compliance issues, offering detailed reports and remediation advice to help organizations strengthen their security posture.
A versatile open-source network scanner used for network discovery and security auditing, helping administrators and security professionals to identify open ports, running services, and other information about networked systems.
A report format utilized by the OpenVAS vulnerability scanning software, where the scan results and details of the identified vulnerabilities are exported as a CSV file, facilitating easier data analysis and reporting.
A report format utilized by the OpenVAS vulnerability scanning software, where the scan results and details of the identified vulnerabilities are exported as an XML file, facilitating easier data analysis and reporting.
A utility tool for scanning Kubernetes clusters to identify potential issues and unused resources, promoting best practices and helping system administrators maintain efficient and secure Kubernetes environments.
A feature of the Qualys vulnerability management solution that allows for infrastructure scanning, exporting the results in WebGUI XML format, aiding in the detailed analysis and reporting of infrastructure security.
Red Hat® Satellite is an infrastructure management product specifically designed to keep Red Hat Enterprise Linux® environments and other Red Hat infrastructure running efficiently, securely, and in compliance with various standards.
A multi-cloud security-auditing tool that scans cloud infrastructure and identifies security misconfigurations, helping organizations maintain secure and compliant cloud environments.
ssh-audit is a tool for ssh server & client configuration auditing.
A suite of tools and services by SSL Labs that analyses the configuration of SSL web servers and identifies weaknesses, promoting secure server configurations.
A tool that identifies SSL/TLS versions and cipher suites supported by a server, helping in the configuration review and security assessment of SSL-enabled services.
A Python tool that scans SSL/TLS services to identify misconfigurations and vulnerabilities, providing detailed reports to help maintain secure SSL/TLS configurations.
A feature in SSLyze that outputs the scan results in JSON format, facilitating integration with other tools and automated analysis of SSL/TLS configurations.
Sysdig Secure is part of Sysdig’s container intelligence platform. Sysdig provides a unified platform to deliver security, monitoring, and forensics in a cloud, container and microservices-friendly architecture integrated with Docker and Kubernetes.
A static code analysis tool that scans Infrastructure as Code (IaC) to identify security misconfigurations and compliance violations, promoting secure and compliant infrastructure code.
A free tool that checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and more.
A static analysis tool that scans Terraform templates to identify security issues, helping to maintain secure and compliant Terraform configurations.
A component of Trivy vulnerability scanner designed for use in Kubernetes environments, facilitating automated scanning of container images and helping to maintain secure Kubernetes deployments.
A simple and comprehensive vulnerability scanner for containers and other artifacts, designed to scan for vulnerabilities in various file systems and application dependencies.
A feature in Prisma Cloud by Palo Alto Networks that scans container images for vulnerabilities, helping to secure containerized applications by identifying and mitigating vulnerabilities in container images.
A security information and event management (SIEM) tool that provides log analysis, intrusion detection, vulnerability detection, and other security monitoring capabilities for IT environments.
This parser imports scan results from Wiz. You have to use the "Standard" report type when exporting the results. The file format will be .csv, which is parsable within DefectDojo.