Any Plugins before using in our environment how can we Validate Plugins whether plugins has any malacious code /virus? in those.
There is nothing special about plugin code.
Use exactly the same process as you use for validating all the other code you
are running in your environment.
I never validated , this is the first time i am using
Why will i ask if i know how do validate???
Sorry, I thought you were asking here about something specific to Icinga
plugins, not for a general malware assessment tool.
I can’t personally help you with that - I trust the plugins the same as I
trust the Icinga2 code.
You might be better off asking this sort of question on a security forum.
same here. We also trust the the plugins like @Pooh wrote. The advantage of open source is, you can check the source code, if you’re not trusting them. We download them from known sources.
If you have an test environment you can test the plugins there also.
If you’re using security or Vulnerability scanner maybe they also find some strange behavior.