SDS is a tool to detect and implement security best practices over docker containers and images. The scan can be performed by two ways:
- Dynamic analysis. In this approach, docker containers are scanned looking for potential security issues by highlighting corrections needed to take into account as well as providing best practices for hardening your containers environment. The output is a report with the vulnerabilities found and a proposal Dockerfile.
- Static analysis. Application can scan in an static way with a Dockerfile as an input. By this way, the output is a report with the vulnerabilities found and a proposal Dockerfile. Most of the best practices implemented are based on CIS Docker Benchmark document. To obtain the latest version of this guide, please visit http://benchmarks.cisecurity.org.
- Docker SDK - Docker SDK for Python
- Python - Python
- Flask - Python web framework
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
This project adheres to Semantic Versioning.
CHANGELOG.md for details
- David López Beltrán - Initial work - dlpezbel
The code in this repository, including all code samples in the notebooks listed above, is released under the MIT license. Read more at the LICENSE.md for details.