vulcan-checks
vulcan-checks copied to clipboard
adevinta
This repository holds the code for each Vulcan check's main binary.
Adding Check for create findings from [AWS Config service](https://aws.amazon.com/config/)
This PR introduces the following modifications to the vulcan-aws-trusted-advisor check: - Migrate the code to use the go AWS sdk v2. The v2 comes out of the box with a...
Improve trivy check by allowing to generate and send the SBOM of the scanned assets to a dependeny track instance.
This pull request introduces the `vulcan-detectify` check, which pulls in vulnerabilities from Detectify into corresponding Vulcan teams based on assets of type `Hostname`. To utilise this check, a prerequisite `Detectify...
The goal of this PR is deprecate [vulcan-exposed-bgp](https://github.com/adevinta/vulcan-checks/tree/master/cmd/vulcan-exposed-bgp) check in favour of vulcan-nuclei check by providing custom Nuclei template. **Templates added:** - BGP Detect **Test the template**: ``` # Nuclei...
The goal of this PR is deprecate [vulcan-exposed-db](https://github.com/adevinta/vulcan-checks/tree/master/cmd/vulcan-exposed-db) check in favour of vulcan-nuclei check by providing custom Nuclei templates. In fact, vulcan-tenable check already report most of the database service...
- Allow prowler check without assume role svc - Upgrade to prowler 3 Prowler removed `-g` and added `--compliance` and now allow many more. ```sh prowler aws --list-compliance - cisa_aws...
This PR adds a custom Nuclei template to detect exposed BGP services in order to deprecate `vulcan-exposed-bgp` check.
- Adds the column Paths with the path/version where the dependency was found. - Removes columns already in the affected resource. - Removes useless sort as we create one vulnerability...
The check pulls detected secrets connected to a repository in github, using this api: https://docs.github.com/en/[email protected]/rest/secret-scanning/secret-scanning#list-secret-scanning-alerts-for-a-repository The secret value is not copied into vulcan.
