CVE Dashboard is a comprehensive solution designed to streamline vulnerability management across your development environments. It leverages advanced scanning capabilities to detect known vulnerabilities in containers, Kubernetes pods, and host systems, providing you with a centralized view of your security posture.

CVE Dashboard caters to the following audiences:

1. Developers: Empowering developers to monitor their development environments for potential vulnerabilities, facilitating proactive security measures, and ensuring a secure development lifecycle.

2. System Administrators: Enabling system administrators to maintain a robust security posture by continuously monitoring their environments for vulnerabilities, mitigating risks, and ensuring compliance.

3. Security Engineers: Providing security engineers with a powerful tool to monitor and assess the security state of various environments, enabling them to identify and address vulnerabilities promptly.

• Multi-Environment Monitoring: CVE Dashboard supports the monitoring of diverse environments, including Docker containers, Kubernetes pods, and host operating systems, ensuring comprehensive coverage of your infrastructure.

• Periodic Scanning: The application employs a daemon that periodically scans your systems, collecting data from various sources and ensuring up-to-date vulnerability information.

• Prometheus Integration: An API component supplies vulnerability data to a Prometheus endpoint, enabling seamless integration with monitoring and alerting systems.

• Grafana Visualization: The web frontend leverages the powerful Grafana platform to present vulnerability data in an intuitive and visually appealing manner, facilitating easy analysis and decision-making.

CVE Dashboard comprises three main components:

1. Scanning Daemon: This component is responsible for periodically scanning your systems, including Docker containers, Kubernetes pods, and host operating systems. It collects vulnerability data from these sources and prepares it for further analysis.

2. API Component: The API component acts as an intermediary, receiving vulnerability data from the scanning daemon and exposing it to a Prometheus endpoint. This integration enables seamless monitoring and alerting capabilities.

3. Web Frontend: Powered by Grafana, the web frontend provides a user-friendly interface to visualize and analyze vulnerability data. It presents comprehensive dashboards, allowing you to gain insights into your environment's security posture and make informed decisions.

CVE Dashboard is designed with flexibility in mind, allowing for easy configuration and adaptation to suit your specific requirements. Whether you choose to run it as a daemon on your server or locally in your terminal, CVE Dashboard empowers you with the necessary tools to maintain a secure and compliant development environment.

To get started with CVE Dashboard, please refer to the installation guide and configuration documentation. These resources will provide you with step-by-step instructions for setting up and customizing the application to meet your specific needs.

Also check the Data Export API and the Architecture guide for more information on how the CVE Dashboard works.

Explore the API endpoints and detailed information on data schema and request parameters and response structures here

chmod +x scan-script.sh

./scan-script.sh

Thi will start the daemon, run scans and start the docker stack.