Trivy
Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets.
Cost / License
- Free
- Open Source (Apache-2.0)
Platforms
- Mac
- Linux
- Docker
Features
Properties
- Security-focused
Features
Support for Docker- Kubernetes
- Golang
Tags
- Infrastructure as code
- vulnerability
- Security
- misconfiguration
- Containers
- hacktoberfest
- devsecops
- go
- iac
Trivy News & Activities
Recent activities
- javyer liked Trivy
protsenko_dev added Trivy as alternative to Cloud (IaC) Security for JetBrains IDEs
K0RR added Trivy as alternative to Sophos Virus Removal Tool, TDSSKiller, Tiger and GMER
Trivy information
Developed by
aquasecurity Licensing
Open Source (Apache-2.0) and Free product.Written in
Alternatives
15 alternatives listedSupported Languages
- English
Featured in Lists
A list with 13 apps by b4st1en without a description.
What is Trivy?
Trivy (tri pronounced like trigger, vy pronounced like envy) is a simple and comprehensive scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues. Trivy detects vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and language-specific packages (Bundler, Composer, npm, yarn, etc.). In addition, Trivy scans Infrastructure as Code (IaC) files such as Terraform, Dockerfile and Kubernetes, to detect potential configuration issues that expose your deployments to the risk of attack. Trivy also scans hardcoded secrets like passwords, API keys and tokens. Trivy is easy to use. Just install the binary and you're ready to scan.