Dependency-Track is an intelligent Software Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components. Dependency-Track takes a unique and highly beneficial approach by leveraging the capabilities of Software Bill-of-Materials (SBOM). This approach provides capabilities that traditional Software Composition Analysis (SCA) solutions cannot achieve.
Prometheus, a CNCF project, is a systems and service monitoring system. It collects metrics from configured targets at given intervals, evaluates rule expressions, displays the results, and can trigger alerts if some condition is observed to be true.
This chart bootstraps a Prometheus deployment on a Kubernetes cluster using the Helm package manager.
.png)
1 occurrences:
💡 Incorrect value for key `namespace` - use an explicit namespace instead of the default one (`default`)
Learn how to fix the issue here
2 occurrences:
💡 Forbidden property object `subPath` - malicious users can gain access to files & directories outside of the volume
Learn how to fix the issue here
1 occurrences:
💡 Missing property object `limits.memory` - value should be within the accepted boundaries recommended by the organization
Learn how to fix the issue here
1 occurrences:
💡 Missing property object `limits.cpu` - value should be within the accepted boundaries recommended by the organization
Learn how to fix the issue here
