Getting Started
Ocular is a Kubernetes API extension that allows you to perform security scans on static software assets. It provides a set of custom resource definitions that allow you to configure and run security or compliance scanning tools over static software assets such as git repositories, container images, or any static content that can be represented on a file system.
Ocular is designed to be easily customized and tailored to fit the needs of any organization. At the core of its design is the use of containers and the ability for developers to specify their own images and commands. Additionally, a handful of default “integrations” are provided to solve the most common use cases of Ocular.
To get started, we’ll look at how to install Ocular and scan targets, and walk through examples of custom integrations.
Your Learning Path
We recommend working through these sections in sequence, as each builds upon the concepts introduced in the previous ones:
0. Pre-requisites
- A Kubernetes cluster, with a basic understanding of core concepts
- Cert Manager should be installed on the cluster
- A valid kubeconfig, kubectl, and access to a role or user with the ability to create deployments, configmaps, secrets, and services
- Helm
- For customization: the ability to download, build and publish container images
1. Installation Guide
Begin your journey by installing Ocular to your cluster. This section covers installing Ocular via Helm, and how to configure it for the needs of your cluster environment.
2. Ocular Basics
Once Ocular is installed, this section will introduce you to the fundamental operations: creating a profile, uploaders, downloaders, and running a pipeline. These simple examples will help you understand Ocular’s core functionality and provide a foundation for more advanced usage.
3. Customizing Pipelines
After mastering the basics, dive into how Ocular lets you customize the way targets are downloaded and results are uploaded. You will create a custom downloader and uploader definition and be able to integrate Ocular scans into any upstream or downstream service.
4. Enumerating targets using searches
Once you have the ability to scan targets, you can configure Ocular to crawl the internet for assets to scan. You will learn how to define crawlers and run searches that can automatically start pipelines. Additionally, you will learn how to run searches on a schedule.
Ready to begin? Start with installing Ocular and take the first step towards securing software assets.