Aqua Security has announced that Trivy, their open source vulnerability scanner, is now available as an integrated option within a number of platforms. Trivy is able to scan for vulnerabilities within operating systems and a number of common application dependencies.
With this announcement, Trivy is now included within Harbor as the default scanner. Harbor is an open source container image registry and is an Incubating project with the CNCF. It is also possible to integrate Trivy with Docker to facilitate scanning Docker images.
Trivy is able to detect vulnerabilities in a number of Linux operating systems including Alpine, RHEL, CentOS, Debian, Ubuntu, SUSE, and Amazon Linux. According to Aqua, Trivy detects vulnerabilities with high accuracy, especially on Alpine Linux and RHEL/CentOS. Teppei Fukuda, OSS engineer at Aqua Security, shared an analysis of vulnerabilities detected on a version of Alpine Linux by a number of vulnerability scanners, in which Trivy was most successful.