Difference between revisions of "Trivy"

From wikieduonline
Jump to navigation Jump to search
 
(7 intermediate revisions by the same user not shown)
Line 3: Line 3:
  
 
* [[Trivy secret scanning]]
 
* [[Trivy secret scanning]]
 +
* <code>[[brew install trivy]]</code>
 +
* <code>[[trivy --help]]</code>
  
[[brew install trivy]]
+
== Examples ==
 
+
* <code>[[trivy image]]</code>
 
+
* <code>[[trivy filesystem]]</code>
[[trivy filesystem]]
+
* <code>[[trivy repository]]</code>
  
 
  [[trivy]]  
 
  [[trivy]]  
Line 68: Line 70:
  
 
</pre>
 
</pre>
 
  
 
== Related ==
 
== Related ==
Line 79: Line 80:
 
* {{Trivy}}
 
* {{Trivy}}
 
* {{K8s security}}
 
* {{K8s security}}
 +
* {{Container scan}}
 
* {{Aquasec}}
 
* {{Aquasec}}
 
  
 
[[Category:Security]]
 
[[Category:Security]]

Latest revision as of 12:27, 8 November 2024

wikipedia:Trivy security scanner

Examples[edit]

trivy 
Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets

Usage:
  trivy [global flags] command [flags] target
  trivy [command]

Examples:
  # Scan a container image
  $ trivy image python:3.4-alpine

  # Scan a container image from a tar archive
  $ trivy image --input ruby-3.1.tar

  # Scan local filesystem
  $ trivy fs .

  # Run in server mode
  $ trivy server

Scanning Commands
  config      Scan config files for misconfigurations
  filesystem  Scan local filesystem
  image       Scan a container image
  kubernetes  [EXPERIMENTAL] Scan kubernetes cluster
  repository  Scan a repository
  rootfs      Scan rootfs
  sbom        Scan SBOM for vulnerabilities and licenses
  vm          [EXPERIMENTAL] Scan a virtual machine image

Management Commands
  module      Manage modules
  plugin      Manage plugins
  vex         [EXPERIMENTAL] VEX utilities

Utility Commands
  clean       Remove cached files
  completion  Generate the autocompletion script for the specified shell
  convert     Convert Trivy JSON report into a different format
  help        Help about any command
  server      Server mode
  version     Print the version

Flags:
      --cache-dir string          cache directory (default "/Users/user/Library/Caches/trivy")
  -c, --config string             config path (default "trivy.yaml")
  -d, --debug                     debug mode
  -f, --format string             version format (json)
      --generate-default-config   write the default config to trivy-default.yaml
  -h, --help                      help for trivy
      --insecure                  allow insecure server connections
  -q, --quiet                     suppress progress bar and log output
      --timeout duration          timeout (default 5m0s)
  -v, --version                   show version

Use "trivy [command] --help" for more information about a command.

Related[edit]

See also[edit]

Advertising: