Tooling¶
What tool does Game Warden use to generate the Software Bill of Materials (SBOM)?¶
We utilize Anchore for the Software Bill of Materials (SBOM).
What security scan tools does Game Warden use, and which ones should I use?¶
The Security Scanners that Game Warden utilizes are Trivy and Anchore Enterprise for CVEs (which uses Grype and Syft for part of its scanning), Anchore Compliance for compliance checks and ClamAV for malware detection. These are what deliver all security findings on your pushed images to Scan Lab in the Game Warden web application.
We highly encourage you to test your images before pushing to Game Warden, so that you can work to resolve security findings/have a better idea of what findings to expect when run through the Game Warden pipeline. We recommend using these free open source tools for your scanning purposes: Trivy and Grype. They will surface most of the findings that Game Warden’s tools do, except for some DoD-specific findings. We recommend these free tools as the versions we use are typically not cost-effective for Game Warden customers to purchase considering the small delta in security findings surfaced.