Trivy logo


Vulnerability Scanner for Containers, Suitable for CI
+ 1

What is Trivy?

It is a simple and comprehensive vulnerability scanner for containers and other artifacts. It detects vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn, etc.). It is easy to use. Just install the binary and you're ready to scan. All you need to do for scanning is to specify a target such as an image name of the container.
Trivy is a tool in the Security category of a tech stack.
Trivy is an open source tool with 18.6K GitHub stars and 1.9K GitHub forks. Here’s a link to Trivy's open source repository on GitHub

Who uses Trivy?

10 companies reportedly use Trivy in their tech stacks, including Onefootball, Labs, and SMARTTechStack.

25 developers on StackShare have stated that they use Trivy.

Trivy Integrations

Jenkins, GitHub Actions, Travis CI, CentOS, and CircleCI are some of the popular tools that integrate with Trivy. Here's a list of all 11 tools that integrate with Trivy.

Trivy's Features

  • Simple
  • Fast
  • Easy installation
  • High accuracy
  • Detect comprehensive vulnerabilities
  • Suitable for CI such as Travis CI, CircleCI, Jenkins, GitLab CI, etc
  • Support multiple formats

Trivy Alternatives & Comparisons

What are some alternatives to Trivy?
Kubernetes is an open source orchestration system for Docker containers. It handles scheduling onto nodes in a compute cluster and actively manages workloads to ensure that their state matches the users declared intentions.
Docker Compose
With Compose, you define a multi-container application in a single file, then spin your application up in a single command which does everything that needs to be done to get it running.
It is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.
Let's Encrypt
It is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG).
Rancher is an open source container management platform that includes full distributions of Kubernetes, Apache Mesos and Docker Swarm, and makes it simple to operate container clusters on any cloud or infrastructure platform.
See all alternatives
Related Comparisons
No related comparisons found

Trivy's Followers
17 developers follow Trivy to keep up with related blogs and decisions.