File tree Expand file tree Collapse file tree 1 file changed +4
-3
lines changed
Expand file tree Collapse file tree 1 file changed +4
-3
lines changed Original file line number Diff line number Diff line change @@ -686,7 +686,8 @@ Static depth for infrastructure:
686686 usefulness : 3
687687 level : 2
688688 implementation :
689- - <a href="https://github.com/hadolint/hadolint">hadolint</a>
689+ - <a href="https://github.com/hadolint/hadolint">Dockerfile with hadolint</a>
690+ - <a href="https://github.com/zegl/kube-score">Deployment with kube-score</a>
690691 samm2 : v-security-testing|A|1
691692 iso27001-2017 :
692693 - system hardening, virtual environments are not explicitly covered by ISO 27001 - too specific
@@ -750,7 +751,7 @@ Static depth for infrastructure:
750751 samm2 : v-security-testing|A|1
751752 iso27001-2017 :
752753 - 12.6.1
753- - 14.2.1
754+ - 14.2.1
754755 Test the clould configuration :
755756 risk : Standard hardening practices for cloud environments are not performed leading to vulnerabilities.
756757 measure : With the help of tools the configuration of virtual environments are
@@ -801,7 +802,7 @@ Static depth for infrastructure:
801802 iso27001-2017 :
802803 - 12.6.1
803804 - 14.2.5
804- Check for new image version :
805+ Check for new image version :
805806 risk : When a new version of an image is available, it might fixes security vulnerabilities.
806807 measure : Check for new images of containers in production.
807808 difficultyOfImplementation :
You can’t perform that action at this time.
0 commit comments