trivy

A Simple and Comprehensive Vulnerability Scanner for Container Images, Github Repositories and Filesystems. Suitable for CI (by aquasecurity)
Source Code
Go #Security #security-tools #Docker #Containers #vulnerability-scanners #vulnerability-detection #Vulnerability #Golang #Go #Kubernetes #HacktoberFest

Trivy Alternatives

Similar projects and alternatives to trivy

  • GitHub repo Moby

    Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

  • GitHub repo dockerfile

    Dockerfile best-practices for writing production-worthy Docker images.

  • Scout

    Get performance insights in less than 4 minutes. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.

  • GitHub repo docker-flask-example

    A production ready example Flask app that's using Docker and Docker Compose.

  • GitHub repo dive

    A tool for exploring each layer in a docker image

  • GitHub repo Vault

    A tool for secrets management, encryption as a service, and privileged access management

  • GitHub repo Gson

    A Java serialization/deserialization library to convert Java Objects into JSON and back

  • GitHub repo Keycloak

    Open Source Identity and Access Management For Modern Applications and Services

  • GitHub repo Twig

    Twig, the flexible, fast, and secure template language for PHP

  • GitHub repo DOMPurify

    DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

  • GitHub repo hadolint

    Dockerfile linter, validate inline bash, written in Haskell

  • GitHub repo falco

    Cloud Native Runtime Security

  • GitHub repo Spotbugs

    SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

  • GitHub repo Thymeleaf

    Thymeleaf is a modern server-side Java template engine for both web and standalone environments.

  • GitHub repo dockle

    Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

  • GitHub repo selinux-coloring-book

    A coloring book to help folks understand how SELinux works.

  • GitHub repo caddy-docker

    Source for the official Caddy v2 Docker Image

NOTE: The number of mentions on this list indicates mentions on common posts. Hence, a higher number means a better trivy alternative or higher similarity.

Posts

Posts where trivy has been mentioned. We have used some of these posts to build our list of alternatives and similar projects - the last one was on 2021-02-16.
  • Trivy: scanning your containers for vulnerabilities
    dev.to | 2021-02-21
    Shift left security refers to moving security sooner in the development process. It aims at having security in mind from the get-go and not when "sh*t hits the fan". One tool that can help us with securing our systems is Trivy.
  • Web Application Security Checklist (2021)
    dev.to | 2021-02-16
  • Container security scanner
    reddit.com/r/devops | 2021-01-27
  • Container scanning tools
    reddit.com/r/aws | 2021-01-04
    Check out Trivy: https://github.com/aquasecurity/trivy
  • Dockerfile Best Practices
    news.ycombinator.com | 2021-01-02
    +1 for hadolint. There's also https://github.com/goodwithtech/dockle and https://github.com/aquasecurity/trivy if you want more security emphasis.

Stats

Basic trivy repo stats
2
6,534
8.4
about 10 hours ago

aquasecurity/trivy is an open source project licensed under Apache License 2.0 which is an OSI approved license.