Skip to content

Commit

Permalink
fixed typo
Browse files Browse the repository at this point in the history
  • Loading branch information
sivolko committed Dec 26, 2023
1 parent 954d1d6 commit 70b8e4d
Show file tree
Hide file tree
Showing 37 changed files with 339 additions and 342 deletions.
19 changes: 9 additions & 10 deletions _posts/2023-12-24-how-to-integrate-docker-scout-with-azure-container-registry.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ tags:
- Container
---
Before starting, let's understand what exactly is **Docker Scout**?
Docker Scout is a container image scanning tool built within Docker Desktop as well as CLI with mindset of Shift-Left approach.It lies on the top of the Docker ecosystem and helps developers to find container image vulnerabilities at the time of image build,thus helps organisation to ship secure entire supply chain.Now one might be confused is Docker-Scout another CNAPP tool? As per [official documentation](https://docs.docker.com/scout/),it uses SBOM(Software Bill of Material) with 17+ advisory Databases to analyze and scan images with real time CVEs updates.
Docker Scout is a container image scanning tool built within Docker Desktop as well as CLI with mindset of Shift-Left approach.It lies on the top of the Docker ecosystem and helps developers to find container image vulnerabilities at the time of image build,thus helps organisation to ship secure entire supply chain.Now one might be confused is that Docker-Scout another CNAPP tool? As per [official documentation](https://docs.docker.com/scout/),it uses SBOM(Software Bill of Material) with 17+ advisory Databases to analyze and scan images with real time CVEs updates.

Now let's see how we can integrate with [Azure Container Registry](https://learn.microsoft.com/en-us/azure/container-registry/) to scan real time image.

Expand All @@ -34,11 +34,11 @@ Now let's see how we can integrate with [Azure Container Registry](https://learn
9. Locally Docker Installed, if using Laptop CLI

**LAB**
In this lab I have take [OWASP Juice Shop App](https://github.com/juice-shop/juice-shop) as container image to scan with Docker Scout.
In this lab I have taken [OWASP Juice Shop App](https://github.com/juice-shop/juice-shop) as container image to scan with Docker Scout.

## Azure Container Registry(Azure portal)

* Go to Azure Portal and search for container Registry and create one.Just for testing I have allowed all public network access to registry from Networking blade,but in production use private N/W
* Go to Azure Portal and search for container Registry and create one.Just for testing I have allowed all public network access to registry from Networking blade,but in the production use private N/W
![image](https://res.cloudinary.com/hugs4bugs/image/upload/v1703497968/hugs4bugs/dockerscout/IMG_6067_ppa5qu.jpg)

* After successful ACR creation, you'll get unique login server
Expand All @@ -61,13 +61,12 @@ You will see OWASP Juice Shop application can be accessible over port 3000. This

![Local APp](https://res.cloudinary.com/hugs4bugs/image/upload/v1703499102/hugs4bugs/dockerscout/jshop_sk06vw.jpg)

* Now tag this image and push it to ACR
for tag use following command
* Now tag this image and push it to ACR using following command

```
docker tag bkimminich/juice-shop dockerscoutshubhendu.azurecr.io/owasp:v1
```
Replace your my loginserver with your own
Replace my loginserver with yours.

* Push it to ACR

Expand Down Expand Up @@ -95,11 +94,11 @@ after that, you will get ARM template to deploy, basically this ARM template wil
![image](https://res.cloudinary.com/hugs4bugs/image/upload/v1703500699/hugs4bugs/dockerscout/azureee_q2nde4.jpg)

Make sure to deploy Docker Scout resources to the same resource group as the registry.Then review and create.
After successful deployment go to your ACR--> Tokens from Repository Permission blade and copy token, then generate password. You can set password expiration date too. But remember to copy and save password locally, once window is close same password can't be retrived. You need to regenrate.
After successful deployment go to your ACR--> Tokens from Repository Permission blade and copy token, then generate password. You can set password expiration date too. But remember to copy and save password locally, once window is close same password can't be retrived. You need to regenerate.

![Image](https://res.cloudinary.com/hugs4bugs/image/upload/v1703501159/hugs4bugs/dockerscout/IMG_6071_jqu7is.jpg)

Same Token/password put into Docker Scout Registry Token blade and click on enable integration.
Copy the same Token/password put into Docker Scout Registry Token blade and click on enable integration.

![image](https://res.cloudinary.com/hugs4bugs/image/upload/v1703501288/hugs4bugs/dockerscout/rtt_tk7vne.jpg)

Expand All @@ -116,12 +115,12 @@ Jump over image blade,there our ACR image is scanned with list of vulnerabilitie
Jump over Vulnerabilites blade for more details
![image](https://res.cloudinary.com/hugs4bugs/image/upload/v1703501772/hugs4bugs/dockerscout/dscoutvlncve_u7trma.jpg)

To mitigate vulnerabilities jump to patch blade and follow the patch released by specific vendor.
To mitigate vulnerabilities, jump to patch blade and follow the patch released by specific vendor.
![image](https://res.cloudinary.com/hugs4bugs/image/upload/v1703502034/hugs4bugs/dockerscout/dscoutpath_tvzbfg.jpg)

We can check all centralised details from overview blade too.
![image](https://res.cloudinary.com/hugs4bugs/image/upload/v1703502220/hugs4bugs/dockerscout/ov_gzscav.jpg)

and we can deploy our own custom policies to set rules from Ploicies blade.
and we can deploy our own custom policies from Ploicies blade to set rules.

Thanks for reading blog, keep troubleshooting!
18 changes: 9 additions & 9 deletions _site/2021-08-2-Understanding-basics-of-security/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -340,29 +340,29 @@ <h2>See also</h2>


<li>
<a href="/Automation-with-Jenkins-and-Github/">
<a href="/cloud-native-CNAPP-tool-Microsoft-defender-for-cloud-101/">

<img src="https://miro.medium.com/max/700/1*QTmgOmxLr78Ty_evSD_Riw.gif">
<img src="https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/MS%20Defender%20for%20Cloud%20R6?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=1800&qlt=100&fmt=png-alpha&fit=constrain">

<h3>Automation with Jenkins and GitHub</h3>
<h3>Microsoft Defender for Cloud 101</h3>
</a>
</li>

<li>
<a href="/azure-networking-101/">
<a href="/kali-linux-vs-parrot-linux/">

<img src="https://th.bing.com/th/id/Rb3e6202f5356edebd8c8205623eef0f1?rik=2tDqbcLpDFguLg&riu=http%3a%2f%2fwww.shadowandy.net%2fwp%2fwp-content%2fuploads%2fdocker.png&ehk=d2o4OLvE5SZOjrajjCgOCdzXQ9xmehUy6vTEhPPFi3c%3d&risl=&pid=ImgRaw">
<img src="https://cdn.pixabay.com/photo/2018/04/22/22/57/hacker-3342696_960_720.jpg">

<h3>Azure Networking 101</h3>
<h3>Kali Linux vs Parrot OS</h3>
</a>
</li>

<li>
<a href="/storing-and-managing-secrets-using-azure-vault/">
<a href="/Docker-101/">

<img src="https://images.unsplash.com/photo-1550439062-609e1531270e?ixlib=rb-1.2.1&ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&auto=format&fit=crop&w=800&q=80">
<img src="https://th.bing.com/th/id/Rb3e6202f5356edebd8c8205623eef0f1?rik=2tDqbcLpDFguLg&riu=http%3a%2f%2fwww.shadowandy.net%2fwp%2fwp-content%2fuploads%2fdocker.png&ehk=d2o4OLvE5SZOjrajjCgOCdzXQ9xmehUy6vTEhPPFi3c%3d&risl=&pid=ImgRaw">

<h3>Managing and Storing Secrets:Azure Vault.🙆</h3>
<h3>Docker 101</h3>
</a>
</li>

Expand Down
18 changes: 9 additions & 9 deletions _site/Automation-with-Jenkins-and-Github/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -473,29 +473,29 @@ <h2>See also</h2>


<li>
<a href="/storing-and-managing-secrets-using-azure-vault/">
<a href="/how-to-manage-azure-active-directory-objects/">

<img src="https://images.unsplash.com/photo-1550439062-609e1531270e?ixlib=rb-1.2.1&ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&auto=format&fit=crop&w=800&q=80">
<img src="https://images.pexels.com/photos/7238759/pexels-photo-7238759.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1">

<h3>Managing and Storing Secrets:Azure Vault.🙆</h3>
<h3>How to create & Manage users and Groups within Azure AD.</h3>
</a>
</li>

<li>
<a href="/How-to-install-threatmapper-in-kali-linux/">
<a href="/access-management-101/">

<img src="https://assets-global.website-files.com/63eaa07bbe370228bab003ea/644292bf096fd43dfd6532d4_image2-p-800.png">
<img src="https://d3nn873nee648n.cloudfront.net/900x600/16347/120-SM692126.jpg">

<h3>How to install ThreatMapper in Kali Linux?</h3>
<h3>Access Management 101.</h3>
</a>
</li>

<li>
<a href="/automation-with-firebase-and-ruby/">
<a href="/difference-between-WAF-and-IPS/">

<img src="https://images.pexels.com/photos/4506940/pexels-photo-4506940.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1">
<img src="https://images.pexels.com/photos/5473298/pexels-photo-5473298.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1">

<h3>Automate Firebase hosting with Github Actions and Ruby.</h3>
<h3>WAF vs IPS</h3>
</a>
</li>

Expand Down
12 changes: 6 additions & 6 deletions _site/Docker-101/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -619,11 +619,11 @@ <h2>See also</h2>


<li>
<a href="/send-email-with-Azure-logic-app/">
<a href="/access-management-101/">

<img src="https://d3nn873nee648n.cloudfront.net/900x600/19765/300-SM960337.jpg">
<img src="https://d3nn873nee648n.cloudfront.net/900x600/16347/120-SM692126.jpg">

<h3>Automate Email with Azure Logic App</h3>
<h3>Access Management 101.</h3>
</a>
</li>

Expand All @@ -637,11 +637,11 @@ <h3>How to create & Manage users and Groups within Azure AD.</h3>
</li>

<li>
<a href="/metasploitFramework-vs-metasploit-pro/">
<a href="/the-blue-team-protecting-you/">

<img src="https://images.unsplash.com/photo-1562813733-b31f71025d54?ixlib=rb-1.2.1&ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&auto=format&fit=crop&w=869&q=80">
<img src="https://cdn.pixabay.com/photo/2017/11/19/23/56/hacking-2964100_960_720.jpg">

<h3>Metasploit Framework vs Metasploit Pro</h3>
<h3>The Blue Team.☠️</h3>
</a>
</li>

Expand Down
18 changes: 9 additions & 9 deletions _site/Fundamentals-of-Network-security/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -479,29 +479,29 @@ <h2>See also</h2>


<li>
<a href="/Automation-with-Jenkins-and-Github/">
<a href="/send-email-with-Azure-logic-app/">

<img src="https://miro.medium.com/max/700/1*QTmgOmxLr78Ty_evSD_Riw.gif">
<img src="https://d3nn873nee648n.cloudfront.net/900x600/19765/300-SM960337.jpg">

<h3>Automation with Jenkins and GitHub</h3>
<h3>Automate Email with Azure Logic App</h3>
</a>
</li>

<li>
<a href="/send-email-with-Azure-logic-app/">
<a href="/what-is-difference-between-ls-and-ls-lrt-command/">

<img src="https://d3nn873nee648n.cloudfront.net/900x600/19765/300-SM960337.jpg">
<img src="https://images.pexels.com/photos/4709289/pexels-photo-4709289.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1">

<h3>Automate Email with Azure Logic App</h3>
<h3>Do you use ls -lrt?</h3>
</a>
</li>

<li>
<a href="/Progressive-webapps-on-azure/">
<a href="/tools-that-SOC-security-analys-should-know/">

<img src="https://th.bing.com/th/id/R.49bd0ccbb9e904407116b65ce6a50d41?rik=1KXzdiLejsH2eA&riu=http%3a%2f%2fclipground.com%2fimages%2fcoder-clipart-1.jpg&ehk=xl5oxtd6bHoDW1%2f3HB007zg97209vFB75YXyIskHtPg%3d&risl=&pid=ImgRaw&r=0">
<img src="https://images.pexels.com/photos/60504/security-protection-anti-virus-software-60504.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1">

<h3>Building and Deploying PWA on Azure Cloud.</h3>
<h3>Tools that SOC/Security Analyst must know</h3>
</a>
</li>

Expand Down
12 changes: 6 additions & 6 deletions _site/How-to-install-Jenkins-on-Linux/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -427,20 +427,20 @@ <h2>See also</h2>


<li>
<a href="/Progressive-webapps-on-azure/">
<a href="/tools-that-SOC-security-analys-should-know/">

<img src="https://th.bing.com/th/id/R.49bd0ccbb9e904407116b65ce6a50d41?rik=1KXzdiLejsH2eA&riu=http%3a%2f%2fclipground.com%2fimages%2fcoder-clipart-1.jpg&ehk=xl5oxtd6bHoDW1%2f3HB007zg97209vFB75YXyIskHtPg%3d&risl=&pid=ImgRaw&r=0">
<img src="https://images.pexels.com/photos/60504/security-protection-anti-virus-software-60504.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1">

<h3>Building and Deploying PWA on Azure Cloud.</h3>
<h3>Tools that SOC/Security Analyst must know</h3>
</a>
</li>

<li>
<a href="/metasploitFramework-vs-metasploit-pro/">
<a href="/Docker-101/">

<img src="https://images.unsplash.com/photo-1562813733-b31f71025d54?ixlib=rb-1.2.1&ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&auto=format&fit=crop&w=869&q=80">
<img src="https://th.bing.com/th/id/Rb3e6202f5356edebd8c8205623eef0f1?rik=2tDqbcLpDFguLg&riu=http%3a%2f%2fwww.shadowandy.net%2fwp%2fwp-content%2fuploads%2fdocker.png&ehk=d2o4OLvE5SZOjrajjCgOCdzXQ9xmehUy6vTEhPPFi3c%3d&risl=&pid=ImgRaw">

<h3>Metasploit Framework vs Metasploit Pro</h3>
<h3>Docker 101</h3>
</a>
</li>

Expand Down
18 changes: 9 additions & 9 deletions _site/How-to-install-threatmapper-in-kali-linux/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -480,29 +480,29 @@ <h2>See also</h2>


<li>
<a href="/how-to-like-instagram-post-with-javascript/">
<a href="/Fundamentals-of-Network-security/">

<img src="https://media.giphy.com/media/cmqnzFK17DO4vKCscd/giphy.gif">
<img src="https://images.unsplash.com/photo-1563986768609-322da13575f3?ixlib=rb-1.2.1&ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&auto=format&fit=crop&w=750&q=80">

<h3>How to like Instagram posts with JavaScript?</h3>
<h3>Fundamentals of Network Security.☠️</h3>
</a>
</li>

<li>
<a href="/how-to-manage-azure-active-directory-objects/">
<a href="/azure-networking-101/">

<img src="https://images.pexels.com/photos/7238759/pexels-photo-7238759.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1">
<img src="https://th.bing.com/th/id/Rb3e6202f5356edebd8c8205623eef0f1?rik=2tDqbcLpDFguLg&riu=http%3a%2f%2fwww.shadowandy.net%2fwp%2fwp-content%2fuploads%2fdocker.png&ehk=d2o4OLvE5SZOjrajjCgOCdzXQ9xmehUy6vTEhPPFi3c%3d&risl=&pid=ImgRaw">

<h3>How to create & Manage users and Groups within Azure AD.</h3>
<h3>Azure Networking 101</h3>
</a>
</li>

<li>
<a href="/what-is-chat-gpt/">
<a href="/waf-vs-firewall/">

<img src="https://images.pexels.com/photos/7108/notebook-computer-chill-relax.jpg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1">
<img src="https://images.pexels.com/photos/1714208/pexels-photo-1714208.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1">

<h3>What is chatGpt? How to use it?</h3>
<h3>WAF vs Firewall</h3>
</a>
</li>

Expand Down
Loading

0 comments on commit 70b8e4d

Please sign in to comment.