Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues. More information: https://github.com/aquasecurity/trivy.
trivy image {{image:tag}}
trivy fs --security-checks {{vuln,config}} {{path/to/project_directory}}
trivy config {{path/to/iac_directory}}
trivy image --format {{template}} --template {{"@sarif.tpl"}} -o {{path/to/report.sarif}} {{image:tag}}