◆SkillCybersecurityFree
Trivy — Container & Supply-Chain Scanner
Aqua Security's comprehensive vulnerability scanner for containers, filesystems, Git repos, IaC, and SBOMs — now with AI/ML workload scanning.
التثبيتات267k
التقييم★ 4.9
المراجعات89
Trivy — Container & Supply-Chain Vulnerability Scanner
Trivy is the world's most widely deployed open-source security scanner. It detects CVEs in OS packages and application dependencies, misconfigurations in Kubernetes/Terraform/Dockerfiles, exposed secrets, and generates SBOMs — all in a single binary. It is increasingly used to scan AI model artefacts and Python ML dependency trees.
Key Features
- CVE detection: OS packages (Alpine, Ubuntu, RHEL, …) and language libraries (Python, Node, Go, Java, …)
- IaC misconfiguration scanning (Terraform, Kubernetes, Helm, Dockerfile)
- Secret scanning (API keys, tokens, certificates)
- SBOM generation and attestation (CycloneDX, SPDX)
- Kubernetes operator and GitHub Actions integration
Quick Start
# Scan a Docker image
trivy image python:3.12-slim
# Scan a local filesystem (e.g. a cloned ML repo)
trivy fs ./my-ml-project
# Generate SBOM
trivy image --format cyclonedx --output sbom.json myimage:latest
npx ai-supply add trivy-container-vulnerability-scanner
Curated mirror of the open-source Trivy (Apache-2.0). Get it from the source.