If you’re looking for a simple and comprehensive vulnerability scanner for your containers then Trivy is the best choice. In this post, we see how to scan a sample image & its key features.
Scanner | OS Packages | Application Dependencies | Easy to use | Accuracy | Suitable for CI |
---|---|---|---|---|---|
Trivy | ✅ | ✅ (5 languages) | ⭐ ⭐ ⭐ | ⭐ ⭐ ⭐ | ⭐ ⭐ ⭐ |
Clair | ✅ | × | ⭐ | ⭐ ⭐ | ⭐ ⭐ |
Anchore Engine | ✅ | ✅ (4 languages) | ⭐ ⭐ | ⭐ ⭐ | ⭐ ⭐ ⭐ |
Quay | ✅ | × | ⭐ ⭐ ⭐ | ⭐ ⭐ | × |
Docker Hub | ✅ | × | ⭐ ⭐ ⭐ | ⭐ | × |
GCR | ✅ | × | ⭐ ⭐ ⭐ | ⭐ ⭐ | × |
In the next section, we take look at how to scan a sample image for vulnerabilities.
I’m using Ubuntu, following is the script will install Trivy for me. For other distros, please do check here.
$ sudo apt-get install wget apt-transport-https gnupg lsb-release
$ wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
$ echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list
$ sudo apt-get update
$ sudo apt-get install trivy
Now that Trivy installation completed, Next step we can scan a sample image and check vulnerabilities.
Use trivy image [IMAGE_NAME]
to initiate scanning and getting vulnerabilities here in this example I have used httpd
image. As you can see there are a total of 332 vulnerabilities with varying severities.
You can also filter the vulnerabilities by severities with --severity
option
To save the results as JSON,use -f
and -o
option
There are many options/examples, you can check out all of them here.
Like this post? Don’t forget to share it!
In today's digital-first world, businesses must adopt effective strategies to stay competitive. Social media marketing…
62% of UX designers now use AI to enhance their workflows. Artificial intelligence (AI) rapidly…
The integration of artificial intelligence into graphic design through tools like Adobe Photoshop can save…
The cryptocurrency trading world has grown significantly in recent years, with automation playing a key…
The non-fungible token (NFT) market has witnessed explosive growth over the past few years, transforming…
There are few things as valuable to a business as well-designed software. Organizations today rely…
This website uses cookies.