Difference between revisions of "Trivy"

From wikieduonline
Jump to navigation Jump to search
 
(24 intermediate revisions by 3 users not shown)
Line 1: Line 1:
[[wikipedia:Trivy]]
+
[[wikipedia:Trivy]] [[security scanner]]
 +
* https://github.com/aquasecurity/trivy
  
 +
* [[Trivy secret scanning]]
 +
* <code>[[brew install trivy]]</code>
 +
* <code>[[trivy --help]]</code>
 +
 +
== Examples ==
 +
* <code>[[trivy image]]</code>
 +
* <code>[[trivy filesystem]]</code>
 +
* <code>[[trivy repository]]</code>
 +
 +
[[trivy]]
 +
<pre>
 +
Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets
 +
 +
Usage:
 +
  trivy [global flags] command [flags] target
 +
  trivy [command]
 +
 +
Examples:
 +
  # Scan a container image
 +
  $ trivy image python:3.4-alpine
 +
 +
  # Scan a container image from a tar archive
 +
  $ trivy image --input ruby-3.1.tar
 +
 +
  # Scan local filesystem
 +
  $ trivy fs .
 +
 +
  # Run in server mode
 +
  $ trivy server
 +
 +
Scanning Commands
 +
  config      Scan config files for misconfigurations
 +
  filesystem  Scan local filesystem
 +
  image      Scan a container image
 +
  kubernetes  [EXPERIMENTAL] Scan kubernetes cluster
 +
  repository  Scan a repository
 +
  rootfs      Scan rootfs
 +
  sbom        Scan SBOM for vulnerabilities and licenses
 +
  vm          [EXPERIMENTAL] Scan a virtual machine image
 +
 +
Management Commands
 +
  module      Manage modules
 +
  plugin      Manage plugins
 +
  vex        [EXPERIMENTAL] VEX utilities
 +
 +
Utility Commands
 +
  clean      Remove cached files
 +
  completion  Generate the autocompletion script for the specified shell
 +
  convert    Convert Trivy JSON report into a different format
 +
  help        Help about any command
 +
  server      Server mode
 +
  version    Print the version
 +
 +
Flags:
 +
      --cache-dir string          cache directory (default "/Users/user/Library/Caches/trivy")
 +
  -c, --config string            config path (default "trivy.yaml")
 +
  -d, --debug                    debug mode
 +
  -f, --format string            version format (json)
 +
      --generate-default-config  write the default config to trivy-default.yaml
 +
  -h, --help                      help for trivy
 +
      --insecure                  allow insecure server connections
 +
  -q, --quiet                    suppress progress bar and log output
 +
      --timeout duration          timeout (default 5m0s)
 +
  -v, --version                  show version
 +
 +
Use "trivy [command] --help" for more information about a command.
 +
 +
</pre>
  
 
== Related ==
 
== Related ==
* [[Lens Desktop]]
+
* [[Lens Desktop]], enable Trivy [[operator]]
 +
* [[Trivy operator]]
 +
* <code>[[securityContext:]]</code>
 +
* [[Container hardening]]
 +
 
 +
== See also ==
 +
* {{Trivy}}
 +
* {{K8s security}}
 +
* {{Container scan}}
 +
* {{Aquasec}}
 +
 
 +
[[Category:Security]]

Latest revision as of 12:27, 8 November 2024

wikipedia:Trivy security scanner

Examples[edit]

trivy 
Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets

Usage:
  trivy [global flags] command [flags] target
  trivy [command]

Examples:
  # Scan a container image
  $ trivy image python:3.4-alpine

  # Scan a container image from a tar archive
  $ trivy image --input ruby-3.1.tar

  # Scan local filesystem
  $ trivy fs .

  # Run in server mode
  $ trivy server

Scanning Commands
  config      Scan config files for misconfigurations
  filesystem  Scan local filesystem
  image       Scan a container image
  kubernetes  [EXPERIMENTAL] Scan kubernetes cluster
  repository  Scan a repository
  rootfs      Scan rootfs
  sbom        Scan SBOM for vulnerabilities and licenses
  vm          [EXPERIMENTAL] Scan a virtual machine image

Management Commands
  module      Manage modules
  plugin      Manage plugins
  vex         [EXPERIMENTAL] VEX utilities

Utility Commands
  clean       Remove cached files
  completion  Generate the autocompletion script for the specified shell
  convert     Convert Trivy JSON report into a different format
  help        Help about any command
  server      Server mode
  version     Print the version

Flags:
      --cache-dir string          cache directory (default "/Users/user/Library/Caches/trivy")
  -c, --config string             config path (default "trivy.yaml")
  -d, --debug                     debug mode
  -f, --format string             version format (json)
      --generate-default-config   write the default config to trivy-default.yaml
  -h, --help                      help for trivy
      --insecure                  allow insecure server connections
  -q, --quiet                     suppress progress bar and log output
      --timeout duration          timeout (default 5m0s)
  -v, --version                   show version

Use "trivy [command] --help" for more information about a command.

Related[edit]

See also[edit]

Advertising: