trivy-action
Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities (by aquasecurity)
secyourit.
By ShubhamPalriwala
trivy-action | secyourit. | |
---|---|---|
3 | 1 | |
685 | - | |
3.6% | - | |
7.3 | - | |
6 days ago | - | |
Shell | ||
Apache License 2.0 | - |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
trivy-action
Posts with mentions or reviews of trivy-action.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-08-25.
-
How to Stop Rampant Kubernetes Cluster Growth
To examine images in a running state both before and after the image is checked into a registry, these tools, i.e. trivy by Aqua Security, are frequently incorporated into CI/CD processes. Malicious behavior and unfulfilled policy requirements can mark an image for registry deletion or prevent check-in entirely.
-
Episode 89: myNewsWrap – SAP and Microsoft
Security Scanning with GitHub Action for Trivy
-
SecYourIT
AquaSecurity/Trivy-Action to scan the file system and the dependencies for vulnerabilities
What are some alternatives?
When comparing trivy-action and secyourit. you can also consider the following projects:
sast-scan - Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
secyourit - Time to get your project some action, security action
featured
actions - A set of GitHub actions for checking your projects for vulnerabilities
opni - Multi Cluster Observability with AIOps
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
sane-scan-pdf - Sane command-line scan-to-pdf script on Linux with OCR and deskew support
verify-action - Verify the authenticity of your commits with CodeNotary.io