Trivy
Trivy (by Aqua Security) is a comprehensive and versatile security scanner. It is known for being very fast, easy to install (a single binary), and covering a wide range of targets (containers, filesystems, Git repositories, AWS).
When to Use
- Docker Image Scanning: The gold standard for fast image scanning in CI.
- Kubernetes Scanning: Scanning a running cluster for vulnerabilities.
- SBOM Generation: Creating a Software Bill of Materials (CycloneDX/SPDX).
Quick Start
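```bash
# Scan a container image
trivy image python:3.4-alpine

# Scan local filesystem (dependencies + secrets + misconfigs)
# Misconfiguration scanning is not on by default for `fs`, so enable it explicitly.
trivy fs --scanners vuln,secret,misconfig .
```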
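For the CI image scanning and SBOM use cases listed under When to Use, a gate function can look like the following. This is an added example, not part of the original skill file; the function name `ci_image_gate`, the output directory and the file names are assumptions.

```shell
#!/bin/sh
# Added example: CI gate around `trivy image`.
# Function name, output directory and file names are assumptions.

# Usage: ci_image_gate IMAGE [OUTDIR]
# 1. Writes a full human-readable report (never fails the job).
# 2. Writes a CycloneDX SBOM for the same image.
# 3. Gates the build: non-zero exit if HIGH/CRITICAL findings with an
#    available fix are present.
ci_image_gate() {
    image="$1"
    outdir="${2:-trivy-out}"

    if [ -z "$image" ]; then
        echo "usage: ci_image_gate IMAGE [OUTDIR]" >&2
        return 64
    fi
    mkdir -p "$outdir" || return 1

    # Full report, all severities. --exit-code 0 keeps findings from
    # failing this step; a scanner error still propagates.
    trivy image --exit-code 0 --format table \
        --output "$outdir/report.txt" "$image" || return $?

    # SBOM in CycloneDX format, stored as a build artifact.
    trivy image --format cyclonedx \
        --output "$outdir/sbom.cdx.json" "$image" || return $?

    # Gate: only fixable HIGH/CRITICAL findings break the build, so the
    # pipeline is not blocked by issues that have no patched version yet.
    trivy image --exit-code 1 --severity HIGH,CRITICAL \
        --ignore-unfixed "$image"
}

# Run the gate when the script is invoked with an image argument.
if [ "$#" -gt 0 ]; then
    ci_image_gate "$@"
fi
```

Keeping the report and SBOM steps ahead of the gate means both artifacts are available for triage even when the gate fails the build.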