Getting Started

Ocular is a Kubernetes-native API that allows you to perform security scans on static software assets. It provides a set of RESTful endpoints that allow you to configure and run security or compliance scanning tools over static software assets such as git repositories, container images, or any static content that can be represented on a file system.

Ocular is designed to be easily customized and tailored to fit the needs of any organization. At the core of its design is the use of containers and the ability for developers to specify their own images and commands. Additionally, a handful of default “integrations” are provided to solve the most common use cases of Ocular.

To get started, we’ll look at how to install Ocular, how to scan targets, and at examples of custom integrations.

Your Learning Path

We recommend working through these sections in sequence, as each builds upon the concepts introduced in the previous ones:

0. Pre-requisites

  • A Kubernetes cluster, and a basic understanding of core Kubernetes concepts
  • A valid kubeconfig, kubectl, and access to a role or user with the ability to create deployments, configmaps, secrets, services (and optionally ingress)
  • Helm
  • curl, or any REST client
  • For customization: the ability to write, build and publish container images

1. Installation Guide

Begin your journey by installing Ocular to your cluster. This section covers installing Ocular via Helm, and how to configure it for the needs of your cluster environment.

2. Ocular Basics

Once the Ocular API is up and running, this section will introduce you to the fundamental operations: creating a profile, specifying uploaders and downloaders, and starting a pipeline. These simple examples will help you understand Ocular’s core functionality and provide a foundation for more advanced usage.

3. Customizing Pipelines

After mastering the basics, dive into Ocular’s ability to allow customization of how targets are downloaded and how results are uploaded. You will create a custom downloader and uploader definition and be able to integrate Ocular scans into any upstream or downstream service.

4. Enumerating targets using searches

Once you have the ability to scan targets, you can configure Ocular to crawl the internet for assets to scan. You will learn how to define crawlers and run searches that can automatically start pipelines. Additionally, you will learn how to run searches on a schedule.

What Comes Next?

Ready to begin? Start with installing Ocular and take the first step towards securing software assets.