Open
Description
During his talk at the CVMFS workshop (see https://indico.cern.ch/event/1079490/contributions/4949461/attachments/2507114/4308224/CVMFS%20Workshop%20-%20Harbor%20Registry.pdf), Ricardo Rocha from CERN mentioned a few vulnerability scanning tools (for containers) they use:
https://github.com/aquasecurity/trivy
https://github.com/quay/clair
https://sysdig.com/products/secure/image-scanning/
Especially the first one looks very interesting and should work on regular filesystems too, so we may want to try it out on our repository.