{"id":13509743,"url":"https://github.com/aquasecurity/starboard","last_synced_at":"2025-05-12T20:49:51.277Z","repository":{"id":37210107,"uuid":"247991727","full_name":"aquasecurity/starboard","owner":"aquasecurity","description":"Superseded by https://github.com/aquasecurity/trivy-operator","archived":false,"fork":false,"pushed_at":"2025-04-21T12:48:58.000Z","size":74713,"stargazers_count":1366,"open_issues_count":57,"forks_count":197,"subscribers_count":28,"default_branch":"main","last_synced_at":"2025-05-08T00:35:07.035Z","etag":null,"topics":["cloud-native","custom-resource-definition","kubernetes","security","starboard"],"latest_commit_sha":null,"homepage":"https://aquasecurity.github.io/starboard/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/aquasecurity.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":"ROADMAP.md","authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-03-17T14:31:46.000Z","updated_at":"2025-04-21T12:46:10.000Z","dependencies_parsed_at":"2023-01-31T00:21:38.226Z","dependency_job_id":"b076cca3-0cfe-4f01-b8e3-c424391394a9","html_url":"https://github.com/aquasecurity/starboard","commit_stats":{"total_commits":748,"total_committers":60,"mean_commits":"12.466666666666667","dds":0.4024064171122995,"last_synced_commit":"11a760dc7902f62ba64fa5d55b0afb5cec502c08"},"previous_names":[],"tags_count":122,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aquasecurity%2Fstarboard","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aquasecurity%2Fstarboard/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aquasecurity%2Fstarboard/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aquasecurity%2Fstarboard/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/aquasecurity","download_url":"https://codeload.github.com/aquasecurity/starboard/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253820494,"owners_count":21969531,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloud-native","custom-resource-definition","kubernetes","security","starboard"],"created_at":"2024-08-01T02:01:12.224Z","updated_at":"2025-05-12T20:49:51.257Z","avatar_url":"https://github.com/aquasecurity.png","language":"Go","funding_links":[],"categories":["Go","Kubernetes","Point-of-use validations","Security","Repositories / Tools","Go (531)","security","Инструменты"],"sub_categories":["Vulnerability information exchange","Kubernetes Security","Defending","Безопасность Kubernetes"],"readme":"# Starboard is joining Trivy.\n\nWe've announced our plans to discontinue Starboard and merge it into [Trivy](https://github.com/aquasecurity/trivy).\n\nStarboard CLI has been reintroduced as [trivy kubernetes](https://aquasecurity.github.io/trivy/latest/docs/kubernetes/cli/scanning/) command and starboard-operator with a focus on trivy capabilities is available as [Trivy-Operator](https://aquasecurity.github.io/trivy/latest/docs/kubernetes/operator/).\n\nWe will not be accepting new features/pull requests/issues.\nwe encourage you to contribute to [Trivy-Operator](https://github.com/aquasecurity/trivy-operator) and [Trivy CLI](https://github.com/aquasecurity/trivy) and influence the future of Trivy Kubernetes.\n\nfor more info and [discussions](https://github.com/aquasecurity/starboard/discussions/1173)\n\nCheckout the latest : [What's next for Trivy Q\u0026A](https://www.youtube.com/watch?v=u3cixRRJyYg)\n\n![Starboard logo](docs/images/starboard-logo.png)\n\n\u003e Kubernetes-native security toolkit.\n\n[![GitHub Release][release-img]][release]\n[![Build Action][action-build-img]][action-build]\n[![Release snapshot Action][action-release-snapshot-img]][action-release-snapshot]\n[![Coverage Status][cov-img]][cov]\n[![Go Report Card][report-card-img]][report-card]\n[![License][license-img]][license]\n[![GitHub All Releases][github-all-releases-img]][release]\n![Docker Pulls Starboard][docker-pulls-starboard]\n![Docker Pulls Starboard Operator][docker-pulls-starboard-operator]\n\n# Introduction\n\nThere are lots of security tools in the cloud native world, created by Aqua and by others, for identifying and informing\nusers about security issues in Kubernetes workloads and infrastructure components. However powerful and useful they\nmight be, they tend to sit alongside Kubernetes, with each new product requiring users to learn a separate set of\ncommands and installation steps in order to operate them and find critical security information.\n\nStarboard attempts to integrate heterogeneous security tools by incorporating their outputs into Kubernetes CRDs\n(Custom Resource Definitions) and from there, making security reports accessible through the Kubernetes API. This way\nusers can find and view the risks that relate to different resources in what we call a Kubernetes-native way.\n\nStarboard provides:\n\n- Automated vulnerability scanning for Kubernetes workloads.\n- Automated configuration audits for Kubernetes resources with predefined rules or custom Open Policy Agent (OPA) policies.\n- Automated infrastructures scanning and compliance checks with CIS Benchmarks published by the Center for Internet Security (CIS).\n- Automated compliance report - NSA, CISA Kubernetes Hardening Kubernetes Guidance v1.0 \n- Penetration test results for a Kubernetes cluster.\n- [Custom Resource Definitions] and a [Go module] to work with and integrate a range of security scanners.\n- The [Octant Plugin] and the [Lens Extension] that make security reports available through familiar Kubernetes interfaces.\n\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"docs/images/starboard-overview.png\" alt=\"Starboard Overview\"/\u003e\n\u003c/p\u003e\n\nStarboard can be used:\n\n- As a [Kubernetes operator] to automatically update security reports in response to workload and other changes on a\n  Kubernetes cluster - for example, initiating a vulnerability scan when a new Pod is started or running CIS Benchmarks\n  when a new Node is added.\n- As a [command][cli], so you can trigger scans and view the risks in a kubectl-compatible way or as part of your CI/CD\n  pipeline.\n\n  ![](docs/images/starboard-cli-with-octant-demo.gif)\n\n# Status\n\nAlthough we are trying to keep new releases backward compatible with previous versions, this project is still incubating,\nand some APIs and [Custom Resource Definitions] may change.\n\n# Documentation\n\nThe official [Documentation] provides detailed installation, configuration, troubleshooting, and quick start guides.\n\nLearn how to install the Starboard command [From the Binary Releases] and follow the [Getting Started][getting-started-cli]\nguide to generate your first vulnerability and configuration audit reports.\n\nYou can install the Starboard Operator with [Static YAML Manifests] and follow the [Getting Started][getting-started-operator]\nguide to see how vulnerability and configuration audit reports are generated automatically.\n\nRead more about the motivations for the project in the [Starboard: The Kubernetes-Native Toolkit for Unifying Security]\nblog.\n\n# Contributing\n\nAt this early stage we would love your feedback on the overall concept of Starboard. Over time, we'd love to see\ncontributions integrating different security tools so that users can access security information in standard,\nKubernetes-native ways.\n\n* See [Contributing] for information about setting up your development environment, and the contribution workflow that\n  we expect.\n* See [Roadmap] for tentative features in a 1.0.0 release.\n\n---\nStarboard is an [Aqua Security](https://aquasec.com) open source project.  \nLearn about our [Open Source Work and Portfolio].  \nJoin the community, and talk to us about any matter in [GitHub Discussions] or [Slack].\n\n[release-img]: https://img.shields.io/github/release/aquasecurity/starboard.svg?logo=github\n[release]: https://github.com/aquasecurity/starboard/releases\n[action-build-img]: https://github.com/aquasecurity/starboard/actions/workflows/build.yaml/badge.svg\n[action-build]: https://github.com/aquasecurity/starboard/actions/workflows/build.yaml\n[action-release-snapshot-img]: https://github.com/aquasecurity/starboard/actions/workflows/release-snapshot.yaml/badge.svg\n[action-release-snapshot]: https://github.com/aquasecurity/starboard/actions/workflows/release-snapshot.yaml\n[cov-img]: https://codecov.io/github/aquasecurity/starboard/branch/main/graph/badge.svg\n[cov]: https://codecov.io/github/aquasecurity/starboard\n[report-card-img]: https://goreportcard.com/badge/github.com/aquasecurity/starboard\n[report-card]: https://goreportcard.com/report/github.com/aquasecurity/starboard\n[license-img]: https://img.shields.io/github/license/aquasecurity/starboard.svg\n[license]: https://github.com/aquasecurity/starboard/blob/main/LICENSE\n[github-all-releases-img]: https://img.shields.io/github/downloads/aquasecurity/starboard/total?logo=github\n[docker-pulls-starboard]: https://img.shields.io/docker/pulls/aquasec/starboard?logo=docker\u0026label=docker%20pulls%20%2F%20starboard\n[docker-pulls-starboard-operator]: https://img.shields.io/docker/pulls/aquasec/starboard-operator?logo=docker\u0026label=docker%20pulls%20%2F%20starboard%20operator\n[Starboard: The Kubernetes-Native Toolkit for Unifying Security]: https://blog.aquasec.com/starboard-kubernetes-tools\n[Contributing]: CONTRIBUTING.md\n[Roadmap]: ROADMAP.md\n[GitHub Discussions]: https://github.com/aquasecurity/starboard/discussions\n[Slack]: https://slack.aquasec.com/\n[Open Source Work and Portfolio]: https://www.aquasec.com/products/open-source-projects/\n\n[Custom Resource Definitions]: https://aquasecurity.github.io/starboard/latest/crds/\n[Go module]: https://pkg.go.dev/github.com/aquasecurity/starboard/pkg\n[cli]: https://aquasecurity.github.io/starboard/latest/cli\n[Documentation]: https://aquasecurity.github.io/starboard/\n[From the Binary Releases]: https://aquasecurity.github.io/starboard/latest/cli/installation/binary-releases/\n[Static YAML Manifests]: https://aquasecurity.github.io/starboard/latest/operator/installation/kubectl/\n[getting-started-cli]: https://aquasecurity.github.io/starboard/latest/cli/getting-started/\n[getting-started-operator]: https://aquasecurity.github.io/starboard/latest/operator/getting-started/\n[Kubernetes operator]: https://aquasecurity.github.io/starboard/latest/operator\n\n[Octant Plugin]: https://aquasecurity.github.io/starboard/latest/integrations/octant\n[Lens Extension]: https://aquasecurity.github.io/starboard/latest/integrations/lens\n[kubectl]: https://kubernetes.io/docs/reference/kubectl\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faquasecurity%2Fstarboard","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faquasecurity%2Fstarboard","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faquasecurity%2Fstarboard/lists"}