Trivy: A scanner for vulnerabilities in containers, file systems, and Git repos(github.com)
github.com
Trivy: A scanner for vulnerabilities in containers, file systems, and Git repos
https://github.com/aquasecurity/trivy
7 comments
It seems that this does the same thing as Anchore. Is there a difference that I'm not seeing?
Also, I couldn't find anything for Trivy that gives you a nice web UI like what Snyk does, or did I miss something there as well?
Trivy is good. It comes bundled with the harbor docker registry, meaning you get security analysis of your images and provide for some level of security as you can prevent pulling critical images (or whatever level you deem necessary).
I’ve had a great experience with Trivy, very solid tool, very easy to write automation around.
Is this what powers AquaSec?
Yes, we use AquaSec and it’s absolutely the same engine. Trivy is so good we were tempted to drop AquaSec entirely as we only use it in our CI and this covers our requirements.
it's super easy to integrate in every ci/cd pipeline