Trivy: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Trivy: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Photo by Peter Herrmann / Unsplash

Table of Content

Trivy is an open-source free comprehensive and versatile security scanner. Trivy has scanners that look for security issues, and targets where it can find those issues.

Targets

Targets (what Trivy can scan):

  • Container Image
  • Filesystem
  • Git Repository (remote)
  • Virtual Machine Image
  • Kubernetes
  • AWS

Scanners

Scanners (what Trivy can find there):

  • OS packages and software dependencies in use (SBOM)
  • Known vulnerabilities (CVEs)
  • IaC issues and misconfigurations
  • Sensitive information and secrets
  • Software licenses

Trivy supports most popular programming languages, operating systems, and platforms. For a complete list, see the Scanning Coverage page.

License

Apache 2.0 License

Resources & Downloads

GitHub - aquasecurity/trivy: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more - GitHub - aquasecurity/trivy: Find vulnerabilities, misconfigurations, secrets,…
Overview - Trivy
A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts, Suitable for CI




Open-source Apps

9,500+

Medical Apps

500+

Lists

450+

Dev. Resources

900+

Read more

Why We're Betting Big on DeepSeek-V3: A Personal Dive into the Open-Source AI That’s Changing the Game and Redefining AI Excellence

Why We're Betting Big on DeepSeek-V3: A Personal Dive into the Open-Source AI That’s Changing the Game and Redefining AI Excellence

In a bold challenge to AI giants like OpenAI, DeepSeek has unleashed DeepSeek-R1—a revolutionary open-source model that marries brute-force intelligence with surgical precision. Boasting 671 billion parameters (only 37B active per task), this MIT-licensed marvel slashes computational costs while outperforming industry benchmarks in coding, mathematics, and complex reasoning. With

By Hazem Abbas