Trivy (tri pronounced like trigger, vy pronounced like envy) is a simple and comprehensive vulnerability/misconfiguration scanner for containers and other artifacts. A software vulnerability is a glitch, flaw, or weakness present in the software or in an operating system. Trivy detects vulnerabilities in OS packages (Alpine, RHEL, CentOS, etc.) and language-specific packages (Bundler, Composer, npm, yarn, etc.). In addition, Trivy scans Infrastructure as Code (IaC) files such as Terraform and Kubernetes to detect potential configuration issues that expose your deployments to the risk of attack. Trivy is easy to use: just install the binary and you're ready to scan. All you need to do is specify a target, such as the image name of a container.


Trivy is an open source project.
Learn about our open source work and portfolio here.
Contact us about any matter by opening a GitHub Discussion.