Analysis tools logo
2

trivy

A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts, Suitable for CI. Trivy detects vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn, etc.). Checks containers and filesystems.

Github:
    117891178922311262019
Workflow integration:
  • Type: cli
    cli

Official trivy Homepage

https://github.com/aquasecurity/trivy

Apache-2.0 License

Maintained

Alternative Tools

  • 104Mega-Linter
  • 68Semgrep
  • 1lizard
  • -1Synopsys
  • -4ShiftLeft Scan