Docker Sentinel – Preruntime container security tool(github.com)
github.com
Docker Sentinel – Preruntime container security tool
https://github.com/rtvkiz/Docker-Sentinel
1 コメント
Docker Sentinel - allows you to configure YAML policies which is integrated with Docker Daemon, allowing admins to manager what docker commands can be executed. It can be as granular as a specific cgroup property and also supports integration with secret scanning like trufflehog, vulnerability scanners like Grype, trivy etc.
It is really fast and cannot be bypass byt regular users.