DEV Community

Shannon McFarland for Outshift By Cisco

Posted on • Edited on

4

VMClarity: Virtual Machine Security

VMClarity Logo

Project VMClarity

Do you have virtual machines in your environment? Do you care about their security? Are you looking for a new open-source project to contribute to? Well then, today is your lucky day!

Introducing VMClarity!

Overview

VMClarity is an open source tool for agentless detection and management of Virtual Machine (VM) Software Bill Of Materials (SBOM) and security threats such as vulnerabilities, exploits, malware, rootkits, misconfigurations, and leaked secrets.

VMClarity uses pluggable scanning infrastructure to provide the following:

  • Software Bill of Materials analysis
  • Package & OS vulnerability detection
  • Exploit detection
  • Leaked secret detection
  • Malware detection
  • Misconfiguration detection
  • Rootkit detection

Check out this quick video walk-through of what VMClarity is about:


Getting Started

Now that you have a basic understanding of what the VMClarity project is about let's check out how you can quickly get started with it:

Follow along with the video and get started today by visiting the project repo:

https://github.com/openclarity/vmclarity

Stay tuned for more information on VMClarity. We will have demos, feature walk-throughs, and detailed architecture posts in the future.


Learn More & Join the Community!

You can also learn more about the other Clarity projects, such as APIClarity (API security) and KubeClarity (K8s SBOM/Supply chain security) here:

And several blogs about both projects are here:
https://techblog.cisco.com/


Shannon McFarland is a Distinguished Engineer and open source advocate in Cisco’s Emerging Technology & Incubation organization. You can follow him on Twitter @eyepv6.

Heroku

Build apps, not infrastructure.

Dealing with servers, hardware, and infrastructure can take up your valuable time. Discover the benefits of Heroku, the PaaS of choice for developers since 2007.

Visit Site

Top comments (1)

Collapse
 
s8chugh profile image
Sarabjeet Chugh

Great post! Thanks Shannon!

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more

👋 Kindness is contagious

Discover a treasure trove of wisdom within this insightful piece, highly respected in the nurturing DEV Community enviroment. Developers, whether novice or expert, are encouraged to participate and add to our shared knowledge basin.

A simple "thank you" can illuminate someone's day. Express your appreciation in the comments section!

On DEV, sharing ideas smoothens our journey and strengthens our community ties. Learn something useful? Offering a quick thanks to the author is deeply appreciated.

Okay