Jenkins Pipeline: SonarQube and the OWASP Dependency-Check

Maarten Smeets October 16, 2020 Continuous Delivery, Cyber Security, Java, Kubernetes No Comments

The OWASP Foundation plays an important role in helping to improve security of software worldwide. They have created a popular and well-known awareness document called the ‘OWASP Top 10‘. …

[Continue Reading...]

Surprisingly easy: Anchore Engine for container vulnerability scanning in a Jenkins pipeline running on Kubernetes

Maarten Smeets October 4, 2020 Containers, Cyber Security No Comments

Anchore Engine is a popular open source tool for container image inspection and vulnerability scanning. It is easily integrated in a Kubernetes environment as an admission controller or in …

[Continue Reading...]

Anchore Engine: Container image vulnerability scanning

Maarten Smeets July 28, 2020 Containers, Continuous Delivery, Cyber Security No Comments

Applications nowadays, are usually deployed inside containers. A container consists of libraries and tools which allow the application to run inside. Since there can be exploitable vulnerabilities, it is …

[Continue Reading...]

Tag: vulnerabilities