Itay Shakury
better overview, including how to use in rego (to be implemented): https://docs.google.com/document/d/12hbP38h6pdFJiHxVa9SCW0Xq-89FFeEkOE41WLcbTtk/edit#
This command will scan the files within the container image for misconfigurations. For example, if the image contains a Kubernetes definition file, this file will be scanned for Kubernetes misconfigurations....
I think we can expand the scope of this issue to "detect secrets in misconfiguration scanning"?
related to issue: https://github.com/aquasecurity/trivy/issues/2676 If we would infer the dockerfile of an image, we could scan it for exposed secrets as well
notes from offline discussion with @mtcherni95 : Usually CLI flags are key-value pairs, but in tracee they're key-key-value. For example: `--output format:json`, we have key1 which is `output`, key2 which...
related to #1288 and #1248
Hello :) IMO we don't need more "prepare" or parsing functions, if anything we want to remove the ones we have. we should have just one way of parsing flags/config....
> I think that if we use the same function for both it will introduce coupling between the input (and thus UX) of the config file and of the cli...
that's good feedback, thanks. I think the worst case (using altsrc with those limitations) is not that bad, but let's first evaluate what options we have. do you know about...
This is a nice idea. If someone is interested in working on it, we'd welcome the contribution. If not, we can consider it in a future planning cycle. Note to...