Introduction
Trivy is an open-source security scanner from Aqua Security that quickly detects vulnerabilities and misconfigurations in container images, file systems, Git repositories, and IaC configurations. It ships as a single binary and runs the same way on a developer workstation or inside a CI/CD pipeline.
Core features and highlights
- Fast, single-file binary with low resource usage;
- Scans container images, OS packages, language dependencies, Git repositories, Dockerfiles, Kubernetes manifests, and IaC (e.g., Terraform, CloudFormation);
- Detects vulnerabilities, misconfigurations, and leaked secrets, and performs software composition analysis (SCA);
- Multiple output formats (table, JSON, SARIF) for automation and integration with visualization tools;
- Regularly updated vulnerability databases and offline mirror support.
Use cases and target users
Suitable for DevOps, SRE, SecOps, and developers who need to scan images before build and deploy and to keep continuous compliance checks running. Whether an individual developer scans locally or an organization automates scanning in CI/CD (e.g., GitHub Actions, GitLab CI, Jenkins), Trivy can be embedded into existing workflows.
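The JSON output mentioned under the core features is what makes the CI/CD embedding above practical: a pipeline step runs Trivy, and a small gate script decides whether the build fails. The following Python is an added example written for this page, not Trivy's own code. It assumes a report produced by a command such as `trivy image --format json --output report.json IMAGE`, reads the `Results[].Vulnerabilities`, `Results[].Misconfigurations`, and `Results[].Secrets` arrays Trivy emits, and applies a policy that a practitioner typically wants but the CLI does not express in one flag: block on HIGH and above, skip vulnerabilities with no fix yet, block leaked secrets at any severity, and honor a waiver list whose entries expire. The sample report embedded in the script is constructed with placeholder IDs, and the expiring-waiver format is this example's own, not a Trivy feature.

```python
"""CI gate over a Trivy JSON report (example code, not part of Trivy).

Assumes the report came from a command such as
    trivy image --format json --output report.json IMAGE
SAMPLE_REPORT is constructed for this example; its CVE and check IDs are
placeholders. The expiring waiver list is this script's own policy format.
"""
import json
import sys
from dataclasses import dataclass
from datetime import date

SEVERITY_RANK = {"UNKNOWN": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}

# Constructed sample in the shape of Trivy's JSON output (placeholder IDs only).
SAMPLE_REPORT = {
    "SchemaVersion": 2,
    "ArtifactName": "example.internal/api:1.4.2",
    "ArtifactType": "container_image",
    "Results": [
        {"Target": "example.internal/api:1.4.2 (debian 12.5)", "Class": "os-pkgs", "Type": "debian",
         "Vulnerabilities": [
             {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libfoo", "InstalledVersion": "1.0-1",
              "FixedVersion": "1.0-2", "Severity": "CRITICAL"},
             {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libbar", "InstalledVersion": "2.3",
              "FixedVersion": "", "Severity": "HIGH"},
             {"VulnerabilityID": "CVE-0000-0003", "PkgName": "libbaz", "InstalledVersion": "0.9",
              "FixedVersion": "1.0", "Severity": "MEDIUM"}]},
        {"Target": "app/package-lock.json", "Class": "lang-pkgs", "Type": "npm",
         "Vulnerabilities": [
             {"VulnerabilityID": "CVE-0000-0004", "PkgName": "example-pkg", "InstalledVersion": "1.0.0",
              "FixedVersion": "1.0.1", "Severity": "HIGH"}]},
        {"Target": "Dockerfile", "Class": "config", "Type": "dockerfile",
         "Misconfigurations": [
             {"ID": "DS-0001", "Title": "placeholder check", "Severity": "HIGH", "Status": "FAIL"},
             {"ID": "DS-0002", "Title": "placeholder check", "Severity": "MEDIUM", "Status": "PASS"}]},
        {"Target": "config/settings.py", "Class": "secret",
         "Secrets": [{"RuleID": "aws-access-key-id", "Title": "AWS Access Key ID", "Severity": "CRITICAL"}]},
    ],
}
SAMPLE_REPORT_JSON = json.dumps(SAMPLE_REPORT)


@dataclass
class Finding:
    kind: str        # "vuln", "misconfig" or "secret"
    id: str
    severity: str
    target: str
    fixed: bool = True   # vulns only: a FixedVersion is available


def iter_findings(report):
    """Flatten the three result types Trivy emits into Finding records."""
    for result in report.get("Results", []):
        target = result.get("Target", "")
        for v in result.get("Vulnerabilities") or []:
            yield Finding("vuln", v["VulnerabilityID"], v.get("Severity", "UNKNOWN"),
                          target, fixed=bool(v.get("FixedVersion")))
        for m in result.get("Misconfigurations") or []:
            if m.get("Status") == "FAIL":   # PASS entries are informational
                yield Finding("misconfig", m["ID"], m.get("Severity", "UNKNOWN"), target)
        for s in result.get("Secrets") or []:
            yield Finding("secret", s["RuleID"], s.get("Severity", "UNKNOWN"), target)


def evaluate(report, min_severity="HIGH", ignore_unfixed=True, ignores=None, today=None):
    """Split findings into (blocking, waived, skipped) under the gate policy.

    ignores maps a finding ID to the ISO date its waiver expires; an expired
    waiver counts as absent, so silenced findings resurface automatically.
    Secrets block at any severity: a leaked credential is never "low".
    """
    today_d = date.fromisoformat(today) if today else date.today()
    ignores = ignores or {}
    threshold = SEVERITY_RANK[min_severity]
    blocking, waived, skipped = [], [], []
    for f in iter_findings(report):
        if f.kind == "vuln" and ignore_unfixed and not f.fixed:
            skipped.append(f)
            continue
        if f.kind != "secret" and SEVERITY_RANK.get(f.severity, 0) < threshold:
            skipped.append(f)
            continue
        expiry = ignores.get(f.id)
        if expiry is not None and today_d <= date.fromisoformat(expiry):
            waived.append(f)
            continue
        blocking.append(f)
    return blocking, waived, skipped


def gate(report_json, **policy):
    """Print the verdict and return the exit code: 1 if anything blocks, else 0."""
    blocking, waived, _ = evaluate(json.loads(report_json), **policy)
    for f in waived:
        print(f"WAIVED   {f.kind:<9} {f.id:<20} {f.severity:<8} {f.target}")
    for f in blocking:
        print(f"BLOCKING {f.kind:<9} {f.id:<20} {f.severity:<8} {f.target}")
    return 1 if blocking else 0


if __name__ == "__main__":
    # Usage: python gate.py report.json   (falls back to the constructed sample)
    data = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT_JSON
    sys.exit(gate(data))
```

Run it as the step after the `trivy image --format json` step and let its exit code fail the job. Keeping the policy in the gate script rather than in a mix of `--severity`, `--ignore-unfixed` and `.trivyignore` makes the waiver expiry explicit and reviewable in the same change as the code it covers, which is the part that most often goes wrong when a temporary suppression quietly becomes permanent.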
Major advantages and highlights
- Broad coverage with a well-maintained and timely updated vulnerability database;