Tag feed

#trivy

160 posts10 followers

Trending tags this week

Trivy Operator: The Scanner That Leaves Receipts

Jun 4 · 15 min read · I’ve been working through a bigger Kubernetes security stack, and I wanted to come back to one of the simpler pieces: scanning. Not runtime blocking. Not admission control. Just scanning. Trivy Operat

Join discussion

MBMatt Browncloudsecburrito.com

0

Deploying OSS Kubernetes Security Console

Jun 4 · 10 min read · The first post laid out the idea: Kubernetes security tools already produce a lot of useful data, but most of it lands in separate places. Trivy Operator writes vulnerability and configuration finding

Join discussion

HAHardik Arorahardik0811arora.hashnode.dev

0

Building a Zero-Egress, AI-Driven DevSecOps Pipeline: My Journey with SupplyChain-Guardian-AI

Jun 1 · 7 min read · As platform engineering evolves, we are constantly battling alert fatigue. We run our vulnerability scanners, generate endless Software Bill of Materials (SBOMs), and drop massive PDF reports onto dev

Join discussion

MBMatt Browncloudsecburrito.com

0

Building an OSS Kubernetes Security Console with MCP

May 28 · 12 min read · A single Kubernetes security finding is rarely the whole story. That is true whether the signal comes from runtime detection, vulnerability scanning, posture assessment, or admission control. “Shell

Join discussion

KBKrishna Bagalblog.krishnabagal.com

3

I Built an Open-Source Vulnerability Scanner with a Real-Time Dashboard — Because Nothing Else Did It All

May 27 · 8 min read · The Problem That Started It All If you run servers, write code, or manage containers, you already know the uncomfortable truth: vulnerabilities, exposed secrets, and misconfigurations are everywhere.

KVSKODE and 2 more commented

AKAkaeze Kosisochukwuaudrey01.hashnode.dev

0

Beyond Shift Left: Runtime Security with Falco on AWS EKS

May 25 · 9 min read · The whole concept of "Shift Left" revolves around proactive scrutiny, catching issues before they ever reach the environment where real users are. This spans everything from performance and reliabilit

Join discussion

AKAnup Karanjkarwowhow.hashnode.dev

0

The TeamPCP Attack: How One Stolen Token Compromised Trivy, LiteLLM, and 47 npm Packages — What Every Developer Must Do Now

May 2 · 9 min read · On March 26, 2026, security researchers at Socket.dev flagged anomalous publishing activity across dozens of npm packages. Within hours, the scope of the incident became clear: a threat actor operating under the handle TeamPCP had compromised a singl...

Join discussion

SPSanchit Panditsanchitpandit.hashnode.dev

0

Scan Docker Images with Trivy: CI/CD Security Pipeline Guide

Apr 28 · 3 min read · In Part 1, we covered hardened Docker images. In Part 2, we focused on Dockerfile security best practices. This guide shows how to scan Docker images for vulnerabilities using Trivy and integrate it i

Join discussion

SPSaad Patelsaad-patel.hashnode.dev

0

AutoScaleOps: I Built a Production-Grade DevSecOps Platform From Scratch — Here's Everything

Apr 23 · 23 min read · A month of late nights, broken pipelines, unfixable CVEs, and one cluster that refused to scale — here's the full story of building AutoScaleOps: a complete CI/CD platform with security gates, GitOps,

Join discussion

VNVũ Nhật Lâmblog.fiscybersec.com

0

TeamPCP Supply Chain Campaign: When the Security Scanner Became a Weapon Against AI Infrastructure

Apr 11 · 15 min read · Executive Summary On March 24, 2026, threat group TeamPCP successfully pushed two backdoored versions of the Python library LiteLLM (v1.82.7 and v1.82.8) to PyPI — a package registry serving over 95 m

Join discussion

#trivy

Search Hashnode

#trivy

Trending tags this week

Trivy Operator: The Scanner That Leaves Receipts

Deploying OSS Kubernetes Security Console

Building a Zero-Egress, AI-Driven DevSecOps Pipeline: My Journey with SupplyChain-Guardian-AI

Building an OSS Kubernetes Security Console with MCP

I Built an Open-Source Vulnerability Scanner with a Real-Time Dashboard — Because Nothing Else Did It All

Beyond Shift Left: Runtime Security with Falco on AWS EKS

The TeamPCP Attack: How One Stolen Token Compromised Trivy, LiteLLM, and 47 npm Packages — What Every Developer Must Do Now

Scan Docker Images with Trivy: CI/CD Security Pipeline Guide

AutoScaleOps: I Built a Production-Grade DevSecOps Platform From Scratch — Here's Everything

TeamPCP Supply Chain Campaign: When the Security Scanner Became a Weapon Against AI Infrastructure