What is Trivy?
- open-source security scanner tool developed by Aqua Security.
- Used for vulnerability scanning in such as
- container images
- file systems/folders
- Git repositories
- Kubernetes clusters
- misconfiguration in files such as Terraform, K8S manifest files
- Trivy helps identify security issues and misconfigurations early in the software development lifecycle.
How to Install Trivy scanner?
Trivy scanner can be installed so many ways. Check here for more information. But we will using APT package manager to install on Ubuntu.
sudo apt-get install wget gnupg -y
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null
echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update
sudo apt-get install trivy -y
Check Trivy got installed
trivy --version
This confirm that Trivy got installed successfully.
Perform some scan locally
trivy image nginx
No comments:
Post a Comment