Locked Trivy

[0x1]

A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI.

This is the hidden content, please

• Sign In
• or
• Sign Up

Abstract

Trivy (tri pronounced like trigger, vy pronounced like envy) is a simple and comprehensive vulnerability scanner for containers. A software vulnerability is a glitch, flaw, or weakness present in the software or in an Operating System. Trivy detects vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn etc.). Trivy is easy to use. Just install the binary and you're ready to scan. All you need to do for scanning is to specify an image name of the container.

It is considered to be used in CI. Before pushing to a container registry, you can scan your local container image easily.

Features

• Detect comprehensive vulnerabilities
  • OS packages (Alpine, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, Debian, Ubuntu, Amazon Linux and Distroless)
  • Application dependencies (Bundler, Composer, Pipenv, Poetry, npm, yarn and Cargo)
• Simple
  • Specify only an image name
• Easy installation
  • apt-get install, yum install and brew install is possible
  • No pre-requisites such as installation of DB, libraries, etc. (The exception is that you need rpm installed to scan images based on RHEL/CentOS. This is automatically included if you use our installers or the Trivy container image.)
• High accuracy
  • Especially Alpine Linux and RHEL/CentOS
  • Other OSes are also high
• DevSecOps
  • Suitable for CI such as Travis CI, CircleCI, Jenkins, etc.

Gif Demo

Spoiler

This is the hidden content, please

• Sign In
• or
• Sign Up

More info && Download

This is the hidden content, please

• Sign In
• or
• Sign Up