Skip to content
This repository has been archived by the owner on Sep 25, 2019. It is now read-only.

ObjectifLibre/csf

Repository files navigation

Continuous Security Framework

GoDoc Build Status FOSSA Status codebeat badge Codacy Badge codecov

Continuous Security Framework (CSF for short) is an open-source project aiming at enabling continous security in cloud infrastructures (but not only). You can see it as IFTTT for the cloud. Similar to a typical continuous integration, CSF can be used to build pipelines composed of different tasks. Unlike a typical continuous integration, it can respond to a variety of events and uses simple scripting that anyone can use to build powerful automatic decision-making scripts.

Getting started

Terminology

Modules:

  • Event source - a module that will send events to CSF (ex: a new vulnerability has been found by clair)
  • Action module - a module that contains one or more actions (ex: send a mail)

Installation

The best way to run csf is to use the docker image objectiflibre/csf. You can also download the binary or build CSF yourself. Take a look at this sample config and modify it if needed.

docker run -d \
  -v $PWD/csf_config:/csf_config \
  -v $PWD/csf_data:/db \
  -p 8888:8888 \
  objectiflibre/csf

Take a look at config_sample.yaml for the config. The default localfiles configProvider loads modules configuration files from the ./config folder matching the names of the modules (if you load the k8s_imagevalidator module your config file for this module must be named k8s_imagevalidator.*, the extension does not matter). The default localdb storageProvider stores everything in ./db using tiedot.

Use cases

Events trigger pipelines that can dynamically respond to events using scripts. Currently implemented events are:

Currently implemented actions are:

  • Send a mail
  • Check if an image is in a kubernetes pod or deployment
  • Respond to an ImagePolicyWebhook image review request
  • Scan a docker image using an external clair server
  • Scan an instance / virtual machine / host via ssh using vuls.io and docker

More details on the different modules here.

Need something else ? Open an issue or write your own module !

Pipelines

You can use multiple actions to easily build complex pipelines. Here is a simple example:

example

Another use case is on the fly docker images scanning with kubernetes.

To write your own pipelines (called reactions here), you can find different sample json files in the samples folder or check out the docs about reactions.

About

Continuous Security Framework

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published