Trivy Aqua Security Scanner

Trivy detects vulnerabilities in OS packages (Alpine, RHEL, CentOS, etc.) and language-specific packages (Bundler, Composer, npm, yarn, etc.). In addition, Trivy scans Infrastructure as Code (IaC) files such as Terraform and Kubernetes to detect potential configuration issues that expose your deployments to the risk of attack. Trivy also scans for hardcoded secrets such as passwords, API keys and tokens.

Usage

This processor uses the Trivy detection engine to scan for vulnerabilities and misconfigurations. The Trivy processor can also take a .tar.gz or .zip file as input, in which case the processor extracts the archive before scanning.

Deploy

Image

OCI Image
docker.io/ehazlett/flow-workflow-trivy:latest

Run

docker run -ti \
--name flow-workflow-trivy \
docker.io/ehazlett/flow-workflow-trivy:latest \
--addr <FLOW-ADDR> \
--token <FLOW-SERVICE-TOKEN>

Parameters

| Param | Description | Default Value |
|-------|-------------|---------------|
| action | Trivy action to perform (image, fs, rootfs, repo) | |
| target | Target for action (e.g. name for image, path for fs, etc.) | |
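
The following is an added example, not the processor's own code. It sketches how an action/target pair and an archive input could be handled before Trivy runs: the action is checked against the four listed values, a .zip or .tar.gz input is unpacked only if every entry stays inside the working directory, and the Trivy command line is built without being executed. The function names and the mapping of `action` onto the `trivy` subcommand of the same name are assumptions.

```python
import os
import tarfile
import tempfile
import zipfile

ACTIONS = ("image", "fs", "rootfs", "repo")  # the action values listed under Parameters


def _inside(root, name):
    """True when archive member `name` resolves to a path under `root`."""
    root = os.path.realpath(root)
    dest = os.path.realpath(os.path.join(root, name))
    return os.path.commonpath([root, dest]) == root


def extract_archive(archive, dest):
    """Unpack a .zip or .tar.gz into dest, refusing entries that would escape it."""
    if zipfile.is_zipfile(archive):
        with zipfile.ZipFile(archive) as zf:
            for name in zf.namelist():
                if not _inside(dest, name):
                    raise ValueError(f"unsafe archive entry: {name}")
            zf.extractall(dest)
    elif tarfile.is_tarfile(archive):
        with tarfile.open(archive, "r:*") as tf:
            for m in tf.getmembers():
                # plain files and directories only: links and devices are not needed for a scan
                if not (m.isfile() or m.isdir()) or not _inside(dest, m.name):
                    raise ValueError(f"unsafe archive entry: {m.name}")
            tf.extractall(dest)
    else:
        raise ValueError("input is neither a zip nor a tar archive")
    return dest


def trivy_argv(action, target, workdir=None):
    """Build the trivy command line for one action/target pair (nothing is executed)."""
    if action not in ACTIONS:
        raise ValueError(f"unsupported action: {action}")
    if action in ("fs", "rootfs") and os.path.isfile(target):
        # assumed behaviour: an archive given as a filesystem target is unpacked first
        target = extract_archive(target, workdir or tempfile.mkdtemp(prefix="trivy-in-"))
    # "--" ends option parsing so a target beginning with "-" is not read as a flag
    return ["trivy", action, "--format", "json", "--", target]
```

The returned list can be passed to `subprocess.run` as-is, which avoids building a shell string from the target value.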