aquasecurity / trivy

📖 Documentation

Trivy (pronunciation) is a comprehensive and versatile security scanner. Trivy has scanners that look for security issues, and targets where it can find those issues.

Targets (what Trivy can scan):

  • Container Image
  • Filesystem
  • Git Repository (remote)
  • Virtual Machine Image
  • Kubernetes

Scanners (what Trivy can find there):

  • OS packages and software dependencies in use (SBOM)
  • Known vulnerabilities (CVEs)
  • IaC issues and misconfigurations
  • Sensitive information and secrets
  • Software licenses

Trivy supports most popular programming languages, operating systems, and platforms. For a complete list, see the Scanning Coverage page. To learn more, go to the Trivy homepage for feature highlights, or to the Documentation site for detailed information.

Quick Start

Get Trivy

Trivy is available in most common distribution channels. The full list of installation options is available in the Installation page. Here are a few popular examples:

Trivy is integrated with many popular platforms and applications. The complete list of integrations is available in the Ecosystem page. Here are a few popular examples:

  • GitHub Actions
  • Kubernetes operator
  • VS Code plugin
  • See Ecosystem for more

Canary builds

There are canary builds (Docker Hub, GitHub, ECR images and binaries) generated with every push to the main branch. Please be aware: canary builds might have critical bugs, so they are not recommended for use in production.

General usage

trivy <target> [--scanners <scanner1,scanner2>] <subject>

Examples:

  • trivy image python:3.4-alpine
  • trivy fs --scanners vuln,secret,misconfig myproject/
  • trivy k8s --report summary cluster

FAQ

How to pronounce the name “Trivy”?

tri is pronounced like trigger, vy is pronounced like envy.

Want more? Check out Aqua

If you liked Trivy, you will love Aqua which builds on top of Trivy to provide even more enhanced capabilities for a complete security management offering. You can find a high level comparison table specific to Trivy users here. In addition, check out the https://aquasec.com website for more information about our products and services. If you’d like to contact Aqua or request a demo, please use this form: https://www.aquasec.com/demo

Community

Trivy is an Aqua Security open source project. Learn about our open source work and portfolio here. Contact us about any matter by opening a GitHub Discussion here. Please be sure to abide by our Code of Conduct during all interactions.