https://github.com/chainguard-dev/vulnerability-scanner-support

Resources to help vulnerability scanners
https://github.com/chainguard-dev/vulnerability-scanner-support

Last synced: 3 months ago
JSON representation

Resources to help vulnerability scanners

• Host: GitHub
• URL: https://github.com/chainguard-dev/vulnerability-scanner-support
• Owner: chainguard-dev
• License: apache-2.0
• Created: 2023-09-11T20:13:02.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2025-02-21T23:24:06.000Z (3 months ago)
• Last Synced: 2025-02-22T00:24:25.252Z (3 months ago)
• Language: Shell
• Size: 99.6 KB
• Stars: 7
• Watchers: 4
• Forks: 5
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# Vulnerability Scanner Support

This repository provides resources intended for software engineers that work on vulnerability scanners, in order to help them correctly implement support for Chainguard Images and the Wolfi (un)distribution.

## Resources

If you're unfamiliar with Chainguard Images, Wolfi, or the security data published by Chainguard, take a quick read through [Foundational Concepts](./docs/foundational_concepts.md).

Next, to learn how to implement support for Chainguard Images and Wolfi in your vulnerability scanner, look at [Scanning Implementation](./docs/scanning_implementation.md).

Finally, when you're ready to verify that your scanner produces the correct results for a given scan target, look at [Verifying Scan Results](./docs/verifying_scan_results.md).

**Important:** In order to officially support Chainguard Images and Wolfi, your scanner must meet the criteria defined in [Verifying Scan Results](./docs/verifying_scan_results.md).