DockerENT is an activE ruNtime application security scanning Tool (RAST tool) and framework which is pluggable and written in Python. It comes with a CLI application and a clean web interface written with Streamlit.
DockerENT has been designed keeping in mind that weak configurations used during deployments may persist into production deployments as well and can lead to severe consequences. This application connects with running containers in the system, fetches the list of weak and vulnerable runtime configurations, and generates a report. If invoked through the CLI, it can create an HTML report. If invoked through the web interface, it can display the scan and audit report in the UI itself.
How can you use and run it?
In a hurry to test this? Download the latest stable release from PyPI and run the web app; everything else is intuitive.
pip install DockerENT
Then run the application like: