gokakashi
The Centralized Security Platform 🔍 🚀
🚧 Heavy work in progress 🚧
gokakashi is a security platform to help ship secure software. It aims to
- Be centralized: You need one place to understand your security posture.
- Be vendor-agnostic and open(-sourced).
- Help teams adopt industry standards like SLSA.
- For any team of any size.
Find, analyze, and remediate vulnerabilities present in your container images.
- Multiple registries support - scan images from various container image registries — all in one place!
- Vulnerability scanner of your choice.
- Custom notifications - Customize notifications to suit your needs, including where to get notified and control over priority, assignment, due dates etc.
- Scheduled and on-demand scans - Automate your scans with in-built cron jobs or trigger them from your CI.
| Regisry | Status |
|---|---|
| Docker Hub | In progress ⏳ |
| Google Artifact Registry | In progress ⏳ |
| GitHub Container Registry | In progress ⏳ |
| Amazon Elastic Container Registry | Open for contribution |
| Azure Container Registry | Open for contribution |
| Scanner | Status |
|---|---|
| Trivy | In progress ⏳ |
| Snyk | Open for contribution |
| Clair | Open for contribution |
docker run -d ghcr.io/shinobistack/gokakashi server docker run --rm -it ghcr.io/shinobistack/gokakashi agentThanks for your interest in contributing to the project.
You will need docker and docker-compose for building gokakashi. You can follow the below workflow after having the software.
git clone [email protected]:shinobistack/gokakashi.git
cd gokakashi
# Make code changes
docker compose -f docker-compose/dev.yaml up --buildWe’re excited to share gokakashi early with the community to gather feedback and improve quickly.
Whether you're curious, have suggestions, or your team is looking for a fast and efficient way to streamline your security workflows (and get back to enjoying that extra ice cream 🍨 or your favorite anime 📺), we’d love to hear from you.
Let’s build something awesome together!