Hello, we would like to ask if the 5GASP project supports automated security testing of docker containers e.g. like docker scout. If yes, does 5GASP provide detailed guidelines on how to solve Critical, etc. issues?
Hi,
yes, the 5GASP project supports automated testing of docker images and reports them to the developer. The report provided to the developer entails NIST-based reports that contain directions on how to address potentially found security vulnerabilities for your docker images.
For more information about the security tool of 5GASP, please see our releveant github repo:
https://github.com/5gasp/SecurityScan
Thanks for your interest in the 5GASP project.
Leonidas