Skip to content
This repository has been archived by the owner on Sep 25, 2019. It is now read-only.

ObjectifLibre/csf

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits

actions

actions

 
 

api

api

 
 

configprovider

configprovider

 
 

csf_config

csf_config

 
 

docs

docs

 
 

dummy_action

dummy_action

 
 

dummy_source

dummy_source

 
 

eventhandler

eventhandler

 
 

eventsources

eventsources

 
 

ext

ext

 
 

metrics

metrics

 
 

samples

samples

 
 

scripting

scripting

 
 

static

static

 
 

statik

statik

 
 

storage/driver

storage/driver

 
 

templates

templates

 
 

vendor

vendor

 
 

webui

webui

 
 

.codebeatignore

.codebeatignore

 
 

.fossa.yml

.fossa.yml

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

main.go

main.go

 
 

Repository files navigation

Continuous Security Framework

GoDoc Build Status FOSSA Status codebeat badge Codacy Badge codecov

Continuous Security Framework (CSF for short) is an open-source project aiming at enabling continous security in cloud infrastructures (but not only). You can see it as IFTTT for the cloud. Similar to a typical continuous integration, CSF can be used to build pipelines composed of different tasks. Unlike a typical continuous integration, it can respond to a variety of events and uses simple scripting that anyone can use to build powerful automatic decision-making scripts.

Getting started

Terminology

Modules:

  • Event source - a module that will send events to CSF (ex: a new vulnerability has been found by clair)
  • Action module - a module that contains one or more actions (ex: send a mail)

Installation

The best way to run csf is to use the docker image objectiflibre/csf. You can also download the binary or build CSF yourself. Take a look at this sample config and modify it if needed.

docker run -d \
  -v $PWD/csf_config:/csf_config \
  -v $PWD/csf_data:/db \
  -p 8888:8888 \
  objectiflibre/csf

Take a look at config_sample.yaml for the config. The default localfiles configProvider loads modules configuration files from the ./config folder matching the names of the modules (if you load the k8s_imagevalidator module your config file for this module must be named k8s_imagevalidator.*, the extension does not matter). The default localdb storageProvider stores everything in ./db using tiedot.

Use cases

Events trigger pipelines that can dynamically respond to events using scripts. Currently implemented events are:

Currently implemented actions are:

  • Send a mail
  • Check if an image is in a kubernetes pod or deployment
  • Respond to an ImagePolicyWebhook image review request
  • Scan a docker image using an external clair server
  • Scan an instance / virtual machine / host via ssh using vuls.io and docker

More details on the different modules here.

Need something else ? Open an issue or write your own module !

Pipelines

You can use multiple actions to easily build complex pipelines. Here is a simple example:

example

Another use case is on the fly docker images scanning with kubernetes.

To write your own pipelines (called reactions here), you can find different sample json files in the samples folder or check out the docs about reactions.

About

Continuous Security Framework

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

5 stars

Watchers

10 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages