gokakashi
The Centralized Security Platform π π
π§ Heavy work in progress π§
Β
gokakashi is a security platform to help ship secure software.
- Be vendor-agnostic and open(-sourced).
- Centralized: You need one place to understand your security posture.
- Help teams adopt industry standards like SLSA.
- Educate: Security is not an afterthought.
- Any team, any size.
Find, analyze, and remediate vulnerabilities present in your container images.
- Multiple registries support - scan images from various container image registries β all in one place!
- Vulnerability scanner of your choice.
- Custom notifications - Customize notifications to suit your needs, including where to get notified and control over priority, assignment, due dates etc.
- Scheduled and on-demand scans - Automate your scans with in-built cron jobs or trigger them from your CI.
| Regisry | Status |
|---|---|
| Docker Hub | In progress β³ |
| Google Artifact Registry | In progress β³ |
| GitHub Container Registry | In progress β³ |
| Amazon Elastic Container Registry | Open for contribution |
| Azure Container Registry | Open for contribution |
| Scanner | Status |
|---|---|
| Trivy | In progress β³ |
| Snyk | Open for contribution |
| Clair | Open for contribution |
docker run -d ghcr.io/shinobistack/gokakashi server docker run --rm -it ghcr.io/shinobistack/gokakashi agentWeβre excited to share gokakashi early with the community to gather feedback and improve quickly.
Whether you're curious, have suggestions, or if your team is looking for a fast and efficient way to streamline vulnerability scanning (and get back to enjoying that extra ice cream or your favorite anime), weβd love to hear from you. Feel free to open an issue or submit a pull request or request any features that would help on GitHub. Letβs build something awesome together!