Vulnerability scanning


Open Source projects sbom-operator and vulnerability-operator

Example workflow

sbom-operator listens for pod events, generates an SBoM…

…and stores it in a git repository

vulnerability-operator enumerates the SBoMs in the repo

…scans them for vulnerabilities and publishes metrics

Prometheus can scrape them and Grafana visualize them
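The workflow above chains three pieces: SBoMs written to a git repository, a scanner that enumerates them and matches components against vulnerability data, and metrics that Prometheus can scrape. The following is an added, self-contained Python model of that chain; it is not code from sbom-operator or vulnerability-operator. The SBoM documents (a minimal CycloneDX-style JSON shape), the vulnerability records with `EXAMPLE-000x` placeholder identifiers, and the metric name `sbom_vulnerabilities_total` are all constructed for this example.

```python
"""Toy model of the SBoM -> scan -> Prometheus metrics pipeline (constructed example,
not the operators' own code)."""
import json
from collections import Counter

# Constructed SBoM documents in a minimal CycloneDX-like JSON shape. The dict keys
# stand in for file paths inside the git repository that sbom-operator writes to.
SAMPLE_SBOMS = {
    "sboms/default/web-frontend.json": json.dumps({
        "bomFormat": "CycloneDX",
        "components": [
            {"name": "libssl", "version": "1.1.1k", "purl": "pkg:deb/debian/libssl@1.1.1k"},
            {"name": "curl", "version": "7.74.0", "purl": "pkg:deb/debian/curl@7.74.0"},
        ],
    }),
    "sboms/payments/api.json": json.dumps({
        "bomFormat": "CycloneDX",
        "components": [
            {"name": "libssl", "version": "3.0.2", "purl": "pkg:deb/debian/libssl@3.0.2"},
            {"name": "zlib", "version": "1.2.11", "purl": "pkg:deb/debian/zlib@1.2.11"},
        ],
    }),
}

# Constructed vulnerability records. The identifiers are placeholders, not real
# advisories; a real scanner would pull these from a vulnerability database.
VULN_DB = [
    {"id": "EXAMPLE-0001", "package": "libssl", "versions": ["1.1.1k"], "severity": "high"},
    {"id": "EXAMPLE-0002", "package": "curl", "versions": ["7.74.0"], "severity": "medium"},
    {"id": "EXAMPLE-0003", "package": "zlib", "versions": ["1.2.11"], "severity": "low"},
    {"id": "EXAMPLE-0004", "package": "libssl", "versions": ["1.0.2u"], "severity": "critical"},
]


def parse_sbom(text):
    """Return (name, version) pairs from a CycloneDX-style JSON document."""
    doc = json.loads(text)
    if doc.get("bomFormat") != "CycloneDX":
        raise ValueError("unsupported SBoM format")
    return [(c["name"], c.get("version", "")) for c in doc.get("components", [])]


def scan(components, db=VULN_DB):
    """Match each component against the vulnerability records by exact
    package name and version; returns a list of finding dicts."""
    index = {}
    for rec in db:
        for version in rec["versions"]:
            index.setdefault((rec["package"], version), []).append(rec)
    findings = []
    for name, version in components:
        for rec in index.get((name, version), []):
            findings.append({"id": rec["id"], "package": name,
                             "version": version, "severity": rec["severity"]})
    return findings


def scan_repository(sboms=SAMPLE_SBOMS):
    """Enumerate every SBoM in the (simulated) repository and scan it,
    mirroring what vulnerability-operator does over the git checkout."""
    return {path: scan(parse_sbom(text)) for path, text in sboms.items()}


def render_metrics(results):
    """Render per-SBoM, per-severity counts in Prometheus text exposition format.
    Every severity is emitted, including zero counts, so dashboards never see
    a gap when a finding is fixed."""
    lines = [
        "# HELP sbom_vulnerabilities_total Vulnerabilities found per SBoM and severity",
        "# TYPE sbom_vulnerabilities_total gauge",
    ]
    for path in sorted(results):
        counts = Counter(f["severity"] for f in results[path])
        for sev in ("critical", "high", "medium", "low"):
            lines.append(
                f'sbom_vulnerabilities_total{{sbom="{path}",severity="{sev}"}} {counts.get(sev, 0)}'
            )
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    # Prints the exposition text a /metrics endpoint would serve to Prometheus.
    print(render_metrics(scan_repository()))
```

The exposition text produced by `render_metrics` is what a scrape target would return; in Grafana a query such as `sum by (severity) (sbom_vulnerabilities_total)` over it gives the per-severity view the demo shows. Matching on exact version strings is deliberately simple; a production scanner evaluates version ranges and ecosystem-specific ordering.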


Demo

See SBoMs in git

See metrics in Grafana