Skip to content

Commit 43e32d4

Browse files
authored
Update README.md
1 parent 2ee961d commit 43e32d4

1 file changed

Lines changed: 19 additions & 8 deletions

File tree

README.md

Lines changed: 19 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@
1515

1616
### **Self-Hosted DevSecOps for Kubernetes — Scan Every Push. Block Misconfigurations Before They Reach Production.**
1717

18-
A production-grade Micro Services , self-hosted DevSecOps platform that automatically scans repositories for security misconfigurations, hardcoded secrets, and infrastructure vulnerabilities on every Git push — before it ever reaches production.
18+
A self-hosted DevSecOps platform that scans every Git push and blocks security misconfigurations, hardcoded secrets, and infrastructure vulnerabilities before they reach production.
1919

2020
[🚀 Quick Start](#-quick-start) · [📖 Documentation](#-architecture) · [🛡️ SecTL Engine](#-sectl--security-enforcement-engine) · [🗺️ Roadmap](#-roadmap) · [🤝 Contributing](#-contributing)
2121

@@ -66,13 +66,14 @@ git push
6666
└── Dashboard displays results
6767
```
6868

69-
**Key capabilities:**
70-
- 🔍 **Static analysis** across Kubernetes, Terraform, Helm, and container images
71-
- 🔑 **Secrets detection** — catches hardcoded credentials before they reach remote
72-
- 🌐 **Live AWS posture audits** — IAM, MFA, S3, root key exposure
73-
- ⛓️ **Supply chain checks** — digest pinning, EOL images, `:latest` tag enforcement
74-
- 🚦 **CI/CD gate** — binary PASS/FAIL exit codes suitable for any pipeline
75-
- 📊 **Real-time dashboard** with per-finding remediation guidance
69+
## 🚀 What it actually does
70+
71+
- 🚫 **Blocks insecure Kubernetes deployments** before they ever reach your cluster
72+
- 🔑 **Prevents secrets from leaving your repo** by detecting hardcoded credentials on every push
73+
- 🚦 **Fails CI instantly on critical issues** with a clear PASS/FAIL security gate
74+
- 🛡️ **Enforces security policies at deployment time** using admission control (Kyverno)
75+
- 🔍 **Detects misconfigurations across IaC and containers** (Kubernetes, Terraform, Helm, images)
76+
- 📊 **Gives actionable insights, not just logs** — every finding includes exact fixes and context
7677

7778
---
7879

@@ -456,6 +457,16 @@ API_PORT=8000
456457

457458
---
458459

460+
## 🤔 Why not just use Trivy / Checkov?
461+
462+
| Capability | ZeroTrustOps | Traditional Scanners |
463+
|-----------|-------------|---------------------|
464+
| Auto scan on every push |||
465+
| CI/CD enforcement (fail builds) || ⚠️ partial |
466+
| Policy enforcement (Kyverno) |||
467+
| End-to-end pipeline |||
468+
469+
459470
## 🤝 Contributing
460471

461472
Contributions are welcome! Here's how to get started:

0 commit comments

Comments
 (0)