Community References¶
Below is a list of additional resources from the community.
Vulnerability Scanning¶
CI/CD Pipelines¶
- How to use Tekton to set up a CI pipeline with OpenShift Pipelines
- Continuous Container Vulnerability Testing with Trivy
- Getting Started With Trivy and Jenkins
- How to use Tekton to set up a CI pipeline with OpenShift Pipelines
Misconfiguration Scanning¶
SBOM, Attestation & related¶
Trivy Kubernetes¶
Comparisons¶
- the vulnerability remediation lifecycle of Alpine containers
- Open Source CVE Scanner Round-Up: Clair vs Anchore vs Trivy
- Docker Image Security: Static Analysis Tool Comparison – Anchore Engine vs Clair vs Trivy