Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • palpantlab-infra palpantlab-infra
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 4
    • Issues 4
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 0
    • Merge requests 0
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Wiki
    • Wiki
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • justin
  • palpantlab-infrapalpantlab-infra
  • Issues
  • #31

Closed
Open
Created Dec 16, 2017 by justin@justinOwner

Set up automated vulnerability scanning of all ingresses

Basic health checks should include periodic vulnerability checks, and the best way to do those checks is by running a vulnerability scanner against, at the very least, the externally available websites that are being hosted. There are great tools for this, like Nikto and ZAP that would easily support being run periodically.

As a first phase, this could be done with a static (configurable) list of Ingresses Then, this could be done using the kubernetes API to pull the existing ingresses and generate the ingresses to scan before scanning them.

As a P1 this should store the resulting report to NFS. As P2, this could send an email to me every day.

This is also possibly a good opportunity to learn about CronJobs

Assignee
Assign to
Time tracking