Use Trivy to find vulnerabilities (CVE) & misconfigurations (IaC) across code repositories, binary artifacts, container images, Kubernetes clusters, and more. All in one tool!
"So happy to see collaboration between @Azure and @AquaSecTeam on scanning container images in Azure Container Registry CI/CD workflows using such a great tool - Trivy."
"I love how Trivy democratized dependency scanning to the masses as a free and extremely easy to use tool, with also a permissive license. This used to be a gated community with predatory security vendors charging premium, and they were not half as good as Trivy."
"Trivy easily for what it brings to the table (secret scanning, vuln scan, license check) and little effort required. Bang for the buck it's pretty amazing"
"Trivy from Aqua Security is my new favorite tool... It's such a powerful tool with the ability to generate SBOMs, find vulnerabilities, misconfigurations, and secrets!"