Docker Image Security Analysis with Trivy

This process allows us to detect vulnerabiites in docker images before deploying or running them.

Trivy

  • Simple and comprehensive scanner for vulnerabilities

    • container images

    • file systems

    • git repositories

    • configuration issues

  • Used to scan Infrastructure as Code (IaC) files such as <below_listed> to detect potential configuration issues that expose your deployment to risk of attacks

    • Terraform

    • Dockerfile

    • Kubernetes

PreviousMiscellaneousNextInfrastructure as a Code (IaC)

Last updated