Tag feed

#trivy

160 posts10 followers

Explore Hashnode

Alternatives

Trending tags this week

MBMatt Browncloudsecburrito.comJun 4 · 15 min read

Trivy Operator: The Scanner That Leaves Receipts

I’ve been working through a bigger Kubernetes security stack, and I wanted to come back to one of the simpler pieces: scanning. Not runtime blocking. Not admission control. Just scanning. Trivy Operat

0

MBMatt Browncloudsecburrito.comJun 4 · 10 min read

Deploying OSS Kubernetes Security Console

The first post laid out the idea: Kubernetes security tools already produce a lot of useful data, but most of it lands in separate places. Trivy Operator writes vulnerability and configuration finding

0

HAHardik Arorahardik0811arora.hashnode.devJun 1 · 7 min read

Building a Zero-Egress, AI-Driven DevSecOps Pipeline: My Journey with SupplyChain-Guardian-AI

As platform engineering evolves, we are constantly battling alert fatigue. We run our vulnerability scanners, generate endless Software Bill of Materials (SBOMs), and drop massive PDF reports onto dev

0

MBMatt Browncloudsecburrito.comMay 28 · 12 min read

Building an OSS Kubernetes Security Console with MCP

A single Kubernetes security finding is rarely the whole story. That is true whether the signal comes from runtime detection, vulnerability scanning, posture assessment, or admission control. “Shell

0

KBKrishna Bagalblog.krishnabagal.comMay 27 · 8 min read

I Built an Open-Source Vulnerability Scanner with a Real-Time Dashboard — Because Nothing Else Did It All

The Problem That Started It All If you run servers, write code, or manage containers, you already know the uncomfortable truth: vulnerabilities, exposed secrets, and misconfigurations are everywhere.

3

KVS

AKAkaeze Kosisochukwuaudrey01.hashnode.devMay 25 · 9 min read

Beyond Shift Left: Runtime Security with Falco on AWS EKS

The whole concept of "Shift Left" revolves around proactive scrutiny, catching issues before they ever reach the environment where real users are. This spans everything from performance and reliabilit

0

AKAnup Karanjkarwowhow.hashnode.devMay 2 · 9 min read

The TeamPCP Attack: How One Stolen Token Compromised Trivy, LiteLLM, and 47 npm Packages — What Every Developer Must Do Now

On March 26, 2026, security researchers at Socket.dev flagged anomalous publishing activity across dozens of npm packages. Within hours, the scope of the incident became clear: a threat actor operating under the handle TeamPCP had compromised a singl...

0

SPSanchit Panditsanchitpandit.hashnode.devApr 28 · 3 min read

Scan Docker Images with Trivy: CI/CD Security Pipeline Guide

In Part 1, we covered hardened Docker images. In Part 2, we focused on Dockerfile security best practices. This guide shows how to scan Docker images for vulnerabilities using Trivy and integrate it i

0

SPSaad Patelsaad-patel.hashnode.devApr 23 · 23 min read

AutoScaleOps: I Built a Production-Grade DevSecOps Platform From Scratch — Here's Everything

A month of late nights, broken pipelines, unfixable CVEs, and one cluster that refused to scale — here's the full story of building AutoScaleOps: a complete CI/CD platform with security gates, GitOps,

0

VNVũ Nhật Lâmblog.fiscybersec.comApr 11 · 15 min read

TeamPCP Supply Chain Campaign: When the Security Scanner Became a Weapon Against AI Infrastructure

Executive Summary On March 24, 2026, threat group TeamPCP successfully pushed two backdoored versions of the Python library LiteLLM (v1.82.7 and v1.82.8) to PyPI — a package registry serving over 95 m

0

#trivy

Search Hashnode

#trivy

Explore Hashnode

Trending tags this week

Trivy Operator: The Scanner That Leaves Receipts

Deploying OSS Kubernetes Security Console

Building a Zero-Egress, AI-Driven DevSecOps Pipeline: My Journey with SupplyChain-Guardian-AI

Building an OSS Kubernetes Security Console with MCP

I Built an Open-Source Vulnerability Scanner with a Real-Time Dashboard — Because Nothing Else Did It All

Beyond Shift Left: Runtime Security with Falco on AWS EKS

The TeamPCP Attack: How One Stolen Token Compromised Trivy, LiteLLM, and 47 npm Packages — What Every Developer Must Do Now

Scan Docker Images with Trivy: CI/CD Security Pipeline Guide

AutoScaleOps: I Built a Production-Grade DevSecOps Platform From Scratch — Here's Everything

TeamPCP Supply Chain Campaign: When the Security Scanner Became a Weapon Against AI Infrastructure