Use Trivy and Azure DevOps to scan container images for Vulnerabilities

Reading Time: 5 minutesSo, in this short article, I am going to walk you through how I am scanning for vulnerabilities in my container images during the CI pipeline using Azure DevOps. For this, I am using Trivy https://github.com/aquasecurity/trivy by AQUA https://www.aquasec.com/. It’s an open-source simple and comprehensive vulnerability scanner for containers. Perfect Read more

By Pixel Robots., ago

Getting started with Secure DevOps Kit for Azure

Reading Time: 4 minutesIn this article, I am going to show you how to Install Secure DevOps Kit for Azure (AzSK), do a scan against as subscription and then fix an issue using the recommendation. What is AzSK? Below is an overview of what AzSK is from their website. https://azsk.azurewebsites.net/README.html#overview The “Secure DevOps Read more

By Pixel Robots., ago

New and Improved PowerShell Azure Subscription Selector

Reading Time: < 1 minuteYou may have read a previous blog post of mine https://pixelrobots.co.uk/2018/06/azure-subscription-selector/ regarding Azure Subscription selection. This post builds on that and takes it to a new level.  The old Azure subscription selector used out-grid for you to select a subscription. This new one presents you with a menu inside the Read more

By Pixel Robots., ago