Aqua Trivy: Vulnerability and Misconfiguration Scanning

Shift left using Aqua Trivy, the fastest way for DevOps and security teams to get started with vulnerability and infrastructure as code (IaC) scanning.

Start Now
Get started fast
Popular default scanner
Ecosystem integrations
Start scanning quickly
With Aqua Trivy, DevOps teams can get set up and start scanning as fast as development requires. No database dependencies or middleware are required, and integration into the CI/CD pipeline is a simple binary installation.
View the Demo
The open source default scanner of choice
Those who are just beginning with cloud native security can be confident in choosing Aqua Trivy, based on the extensive range of public testimonials and its wide use as a default scanner.
View Aqua Trivy Comparison
Security with the least friction
Reduce management overhead and minimize friction with security by working with Aqua Trivy as an integrated experience in your current tech stack. Benefit from regular contributions and integration feature requests.
Harbor Registry Integration

Quickly add vulnerability and IaC scanning capabilities

Deployment and integration into the CI/CD pipeline is as simple as installing the binary and specifying a target. Aqua Trivy has a compact database, with auto-update capabilities that do not require middleware or database dependencies. Scanning takes seconds, and critical CVEs can be filtered directly in the command line.

Blog
DevSecOps with Trivy and GitHub Actions
Read More
Quickly add vulnerability and IaC scanning capabilities

Ecosystem compatibility

View results directly in the GitHub UI via the GitHub Action or in your favorite Kubernetes dashboard using Aqua Starboard. Export results to external user interfaces in various formats, such as JUnit XML, SARIF, and AWS Security Finding Format (ASFF). Use a Helm chart to install Aqua Trivy into a Kubernetes cluster, or scan images in Harbor with the plug-in adapter.

Blog
Securing GitHub Actions with Trivy and Cosign
Read the Blog
Ecosystem compatibility

Broad & accurate coverage

Gain comprehensive visibility across operating system packages and programming language packages, with detailed vulnerability information available at the Aqua Vulnerability Database. See results for fixed and unfixed vulnerabilities, and achieve low false positives for historically difficult operating systems such as Alpine Linux and RHEL/CentOS. 

Blog
Unveiling Aqua Vulnerability Database, Strengthen Your K8s Clusters
Read the Blog
Broad & accurate coverage

Environment versatility

Scan for private and public registries, local filesystems, and container formats such as tar archivesPodman and Git repositories. Achieve functionality for a variety of execution environments, such as Linux, macOS, FreeBSD, and OpenBSD, with the option to support air-gapped environments as well as distroless images. 

Environment versatility

Open source scanner

Aqua Trivy is the default scanner of choice for DevOps and security teams across many popular projects and companies. Users benefit from regular, quality contributions and innovative feature requests. Aqua Trivy is the default scanner for GitLab’s Container Scanning functionality, Artifact Hub and Harbor. Aqua Trivy is also a RedHat certified scanner.
Blog
Identify Security Risks in AWS CloudFormation Templates with Trivy
Read the Blog
Open source scanner
Need to secure enterprise workloads?
Aqua Cloud Native Application Protection Platform (CNAPP)
Go cloud native with the experts!
Get Demo
Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk. The Aqua Platform, a Cloud Native Application Protection Platform (CNAPP), integrates security from Code to Cloud, combining the power of agent and agentless technology into a single solution. With enterprise scale that doesn’t slow development pipelines, Aqua secures your future in the cloud. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL protecting over 500 of the world’s largest enterprises.
Read Aqua Security reviews on G2

Use Cases

Environments

Partners

Resources

About Us

Get in Touch

Products

Get Started
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use | Cookie Settings |  
Accessibility Tools
Normal text size Medium text size Large text size
Normal display Black & White display High contrast display
Stop transitions and animations Underline Links