Docker
If you’re looking for a simple and comprehensive vulnerability scanner for your containers then Trivy is the best choice. In this post, we see how to scan a sample image & its key features.
Scanner | OS Packages | Application Dependencies | Easy to use | Accuracy | Suitable for CI |
---|---|---|---|---|---|
Trivy | ✅ | ✅ (5 languages) | ⭐ ⭐ ⭐ | ⭐ ⭐ ⭐ | ⭐ ⭐ ⭐ |
Clair | ✅ | × | ⭐ | ⭐ ⭐ | ⭐ ⭐ |
Anchore Engine | ✅ | ✅ (4 languages) | ⭐ ⭐ | ⭐ ⭐ | ⭐ ⭐ ⭐ |
Quay | ✅ | × | ⭐ ⭐ ⭐ | ⭐ ⭐ | × |
Docker Hub | ✅ | × | ⭐ ⭐ ⭐ | ⭐ | × |
GCR | ✅ | × | ⭐ ⭐ ⭐ | ⭐ ⭐ | × |
In the next section, we take look at how to scan a sample image for vulnerabilities.
I’m using Ubuntu, following is the script will install Trivy for me. For other distros, please do check here.
$ sudo apt-get install wget apt-transport-https gnupg lsb-release
$ wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
$ echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list
$ sudo apt-get update
$ sudo apt-get install trivy
Now that Trivy installation completed, Next step we can scan a sample image and check vulnerabilities.
Use trivy image [IMAGE_NAME]
to initiate scanning and getting vulnerabilities here in this example I have used httpd
image. As you can see there are a total of 332 vulnerabilities with varying severities.
You can also filter the vulnerabilities by severities with --severity
option
To save the results as JSON,use -f
and -o
option
There are many options/examples, you can check out all of them here.
Like this post? Don’t forget to share it!
As a business, you need to make a lot of important decisions to keep things…
If you are software programming in the era of ‘digital first’, APIs (Application Programming Interfaces)…
Smartwatches have changed the way we organize our daily lives. They not only keep us…
You’ve been targeting people, developing interesting content and managing marketing campaigns. However, it appears that…
The world of wearable technology has been evolving at a rapid pace, with one of…
As we wrap up 2024, it’s time to reflect on the incredible journey we’ve had…
This website uses cookies.