Skip to content

DevSecAI/gridcore-telemetry

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
.github/workflows
.github/workflows
 
 
cmd/gridcore
cmd/gridcore
 
 
infra
infra
 
 
internal
internal
 
 
DEMO.md
DEMO.md
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
demo.yaml
demo.yaml
 
 
go.mod
go.mod
 
 

Repository files navigation

Gridcore Telemetry

⚠️ ARKO Demo Application — contains intentional vulnerabilities. Do not deploy.

Smart-meter telemetry ingestion and demand-response orchestration for the (fictional) Gridcore distribution system operator. Part of the ARKO Coverage Demos suite.

Stack: Go 1.22 · Chi · TimescaleDB · Azure (Terraform) · Kubernetes.

Coverage

  • 10 SAST — command injection, hardcoded creds, weak TLS config, insecure random, log injection, SSRF, race condition, panic on user input, weak hash, unsafe pointer.
  • 8 IaC — Azure Storage public access, NSG rules, Postgres flexible server config, Dockerfile, K8s.
  • 3 SCA — Go modules with known CVEs.
  • 3 pipeline misconfigs.

Frameworks exercised: NIS2, IEC 62443, NIST CSF.

See DEMO.md.

About

Energy / smart-grid demo — intentionally vulnerable. Part of DevSecAI/arko-demos. Do not deploy.

devsecai.io

Topics

devsecops security-demo arko-demo

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages