h4cker/docker-and-k8s-security/docker/additional-tools.md
Owen Garrett 32d408275b
Update additional-tools.md
Add PacketStreamer open source packet capture
2022-06-06 07:07:57 -07:00

4.2 KiB

Additional Docker Security Tools and Resources

  • Anchor Engine - Analyze images for CVE vulnerabilities and against custom security policies by @Anchor
  • Aqua Security 💲 - Securing container-based applications from Dev to Production on any platform
  • bane - AppArmor profile generator for Docker containers by [@genuinetools][genuinetools]
  • CIS Docker Benchmark - This [InSpec][inspec] compliance profile implement the CIS Docker 1.12.0 Benchmark in an automated way to provide security best-practice tests around Docker daemon and containers in a production environment. By @dev-sec
  • Clair - Clair is an open source project for the static analysis of vulnerabilities in appc and docker containers. By [@coreos][coreos]
  • Dagda - Dagda is a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities. By @eliasgranderubio
  • Deepfence SecretScanner - Find unprotected secrets - tokens, keys, passwords - in containers and host filesystems.
  • Deepfence ThreatMapper - Powerful open source runtime vulnerability scanner for kubernetes, virtual machines and serverless.
  • Deepfence ThreatStryker 💲 - Full life cycle Cloud Native Workload Protection platform for kubernetes, virtual machines and serverless. By @deepfence
  • docker-bench-security - script that checks for dozens of common best-practices around deploying Docker containers in production.
  • docker-explorer - A tool to help forensicate offline docker acquisitions by Google
  • docker-lock - A cli-plugin for docker to automatically manage image digests by tracking them in a separate Lockfile. By [@safe-waters][safe-waters]
  • notary - a server and a client for running and interacting with trusted collections.
  • oscap-docker - OpenSCAP provides oscap-docker tool which is used to scan Docker containers and images. By OpenSCAP
  • PacketStreamer - distributed packet capture and aggregation, supporting Docker, Kubernetes, and VMs / bare hosts. By Deepfence
  • Phonito Security 💲 - a Docker vulnerability scanner with constant Kubernetes monitoring and pipeline integration.
  • Prisma Cloud 💲 - (previously Twistlock Security Suite) detects vulnerabilities, hardens container images, and enforces security policies across the lifecycle of applications.
  • Sysdig Falco - Sysdig Falco is an open source container security monitor. It can monitor application, container, host, and network activity and alert on unauthorized activity.
  • Sysdig Secure 💲 - Sysdig Secure addresses run-time security through behavioral monitoring and defense, and provides deep forensics based on open source Sysdig for incident response.
  • Trend Micro DeepSecurity 💲 - Trend Micro DeepSecurity offers runtime protection for container workloads and hosts as well as preruntime scanning of images to identify vulnerabilities, malware and content such as hardcoded secrets.
  • Trivy - Aqua Security's open source simple and comprehensive vulnerability scanner for containers (suitable for CI).