Trivy Aqua Security Scanner
Trivy detects vulnerabilities in OS packages (Alpine, RHEL, CentOS, etc.) and language-specific packages (Bundler, Composer, npm, yarn, etc.). In addition, Trivy scans Infrastructure as Code (IaC) files, such as Terraform and Kubernetes, to detect potential configuration issues that expose your deployments to the risk of attack. Trivy also scans for hardcoded secrets like passwords, API keys and tokens.
Usage
This processor uses the Trivy detection engine to scan for vulnerabilities and misconfigurations.
The Trivy processor can also take a `.tar.gz` or `.zip` file as input, in which case the processor will extract it before scanning.
Deploy
- Docker
- Kubernetes
Parameters
Param | Description | Default Value |
---|---|---|
action | Trivy action to perform (image, fs, rootfs, repo) | |
target | Target for action (e.g. name for image, path for fs, etc.) | |
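
The following is an added example, not the processor's own code: a sketch of how the `action` and `target` parameters can be mapped to a Trivy command line, and how an untrusted `.tar.gz` or `.zip` input can be unpacked before scanning without letting archive members escape the extraction directory. The function names, the temporary directory prefix, and the choice to unpack archives only for `fs` and `rootfs` are assumptions.

```python
import os, shutil, subprocess, tarfile, tempfile, zipfile

ACTIONS = ("image", "fs", "rootfs", "repo")  # actions from the Parameters table

def inside(base, name):
    """True if archive member `name` would land under directory `base`."""
    base = os.path.realpath(base)
    return os.path.commonpath([base, os.path.realpath(os.path.join(base, name))]) == base

def safe_extract(archive, dest):
    """Unpack a .zip or .tar.gz into dest; reject traversal, links and devices."""
    if archive.endswith(".zip"):
        with zipfile.ZipFile(archive) as zf:
            bad = [n for n in zf.namelist() if not inside(dest, n)]
            if bad:
                raise ValueError(f"unsafe archive member: {bad[0]}")
            zf.extractall(dest)
    elif archive.endswith(".tar.gz"):
        with tarfile.open(archive, "r:gz") as tf:
            for m in tf.getmembers():
                # Only plain files and directories; symlinks/hardlinks are refused.
                if not (m.isfile() or m.isdir()) or not inside(dest, m.name):
                    raise ValueError(f"unsafe archive member: {m.name}")
            tf.extractall(dest)
    else:
        raise ValueError("expected a .zip or .tar.gz file")
    return dest

def build_command(action, target):
    """Map the action/target parameters to a trivy argv list (no shell)."""
    if action not in ACTIONS:
        raise ValueError(f"unsupported action: {action}")
    if not target or target.startswith("-"):
        raise ValueError("target must be non-empty and must not look like an option")
    return ["trivy", action, target]

def scan(action, target):
    """Assumption: archives are unpacked only for fs/rootfs targets."""
    workdir = None
    try:
        if action in ("fs", "rootfs") and target.endswith((".zip", ".tar.gz")):
            workdir = tempfile.mkdtemp(prefix="trivy-input-")  # hypothetical prefix
            target = safe_extract(target, workdir)
        return subprocess.run(build_command(action, target)).returncode
    finally:
        if workdir:
            shutil.rmtree(workdir, ignore_errors=True)
```

`scan("fs", "upload.tar.gz")` returns Trivy's exit code and requires the `trivy` binary on `PATH`; `safe_extract` and `build_command` can be exercised without it.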