github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/docs/tutorials/additional-resources/community.md

github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/docs/tutorials/additional-resources/community.md (about)

     1  # Community References
     2  Below is a list of additional resources from the community.
     3  
     4  ## Vulnerability Scanning
     5  
     6  - [Detecting Spring4Shell with Trivy and Grype](https://youtu.be/mOfBcpJWwSs)
     7  - [Scan OS of your EC2 instances with Trivy](https://pabis.eu/blog/2023-05-01-Scan-Instances-With-Trivy.html)
     8  
     9  ## CI/CD Pipelines
    10  
    11  - [How to use Tekton to set up a CI pipeline with OpenShift Pipelines](https://www.redhat.com/architect/cicd-pipeline-openshift-tekton)
    12  - [Continuous Container Vulnerability Testing with Trivy](https://semaphoreci.com/blog/continuous-container-vulnerability-testing-with-trivy)
    13  - [Getting Started With Trivy and Jenkins](https://youtu.be/MWe01VdwuMA)
    14  - [How to use Tekton to set up a CI pipeline with OpenShift Pipelines](https://www.redhat.com/architect/cicd-pipeline-openshift-tekton)
    15  
    16  ## Misconfiguration Scanning
    17  
    18  - [Identifying Misconfigurations in your Terraform](https://youtu.be/cps1V5fOHtE)
    19  - [How to write custom policies for Trivy](https://blog.ediri.io/how-to-write-custom-policies-for-trivy)
    20  
    21  ## SBOM, Attestation & related
    22  
    23  - [Attesting Image Scans With Kyverno](https://neonmirrors.net/post/2022-07/attesting-image-scans-kyverno/)
    24  
    25  ## Trivy Kubernetes
    26  
    27  - [Using Trivy Kubernetes in OVHCloud documentation.](https://docs.ovh.com/gb/en/kubernetes/installing-trivy/)
    28  
    29  ## Comparisons
    30  
    31  - [the vulnerability remediation lifecycle of Alpine containers](https://ariadne.space/2021/06/08/the-vulnerability-remediation-lifecycle-of-alpine-containers/)
    32  - [Open Source CVE Scanner Round-Up: Clair vs Anchore vs Trivy](https://boxboat.com/2020/04/24/image-scanning-tech-compared/)
    33  - [Docker Image Security: Static Analysis Tool Comparison – Anchore Engine vs Clair vs Trivy](https://www.a10o.net/devsecops/docker-image-security-static-analysis-tool-comparison-anchore-engine-vs-clair-vs-trivy/)
    34  
    35  ### Evaluations
    36  
    37  - [Istio evaluating to use Trivy](https://github.com/istio/release-builder/pull/687#issuecomment-874938417)
    38  - [Research Spike: evaluate Trivy for scanning running containers](https://gitlab.com/gitlab-org/gitlab/-/issues/270888)