Difference between revisions of "Trivy"
Jump to navigation
Jump to search
| Line 6: | Line 6: | ||
== Examples == | == Examples == | ||
| − | + | * <code>[[trivy filesystem]]</code> | |
| − | + | * <code>[[trivy repository]]</code> | |
[[trivy]] | [[trivy]] | ||
| Line 68: | Line 68: | ||
</pre> | </pre> | ||
| − | |||
== Related == | == Related == | ||
Revision as of 12:10, 25 September 2024
wikipedia:Trivy security scanner
Examples
trivy
Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets
Usage:
trivy [global flags] command [flags] target
trivy [command]
Examples:
# Scan a container image
$ trivy image python:3.4-alpine
# Scan a container image from a tar archive
$ trivy image --input ruby-3.1.tar
# Scan local filesystem
$ trivy fs .
# Run in server mode
$ trivy server
Scanning Commands
config Scan config files for misconfigurations
filesystem Scan local filesystem
image Scan a container image
kubernetes [EXPERIMENTAL] Scan kubernetes cluster
repository Scan a repository
rootfs Scan rootfs
sbom Scan SBOM for vulnerabilities and licenses
vm [EXPERIMENTAL] Scan a virtual machine image
Management Commands
module Manage modules
plugin Manage plugins
vex [EXPERIMENTAL] VEX utilities
Utility Commands
clean Remove cached files
completion Generate the autocompletion script for the specified shell
convert Convert Trivy JSON report into a different format
help Help about any command
server Server mode
version Print the version
Flags:
--cache-dir string cache directory (default "/Users/user/Library/Caches/trivy")
-c, --config string config path (default "trivy.yaml")
-d, --debug debug mode
-f, --format string version format (json)
--generate-default-config write the default config to trivy-default.yaml
-h, --help help for trivy
--insecure allow insecure server connections
-q, --quiet suppress progress bar and log output
--timeout duration timeout (default 5m0s)
-v, --version show version
Use "trivy [command] --help" for more information about a command.
Related
- Lens Desktop, enable Trivy operator
- Trivy operator
securityContext:- Container hardening
See also
- Trivy, Trivy secret scanning,
trivy filesystem - Kubernetes security, OPA, EKS security, PSA, PSS, CKS,
SecurityContext, Trivy, KubeBench, Kubernetes Admission Controllersadmissionregistration.k8s.io, Hardeneks, Gatekeeper (Kubernetes),kubernetes.io/enforce-mountable-secrets, Auditing - Aquasec, Trivy,
aquasecurity.github.io, kind: ConfigAuditReport, Aqua Enforcers,tfsec, Kube Enforcer
Advertising:
