Security · v0.59
Trivy
Comprehensive open-source security scanner by Aqua Security. Scans container images, file systems, Git repos, and Kubernetes clusters for vulnerabilities, misconfigurations, and secrets.
Articles about Trivy
Container Image Scanning with Trivy: Complete Setup Guide
Set up Trivy for container image vulnerability scanning — from local development to CI/CD pipeline integration with actionable remediation.
8 min read · standard
Automated Dependency Vulnerability Scanning in CI: Stop Shipping Known CVEs
Add automated dependency vulnerability scanning to your CI pipeline using Trivy and Grype. Catch known CVEs before they hit production.
8 min read · standard
Container Supply Chain Security With Sigstore and Cosign
Sign and verify your container images with Sigstore Cosign to prevent supply chain attacks — with keyless signing, SBOM attestation, and Kubernetes admission enforcement.
9 min read · standard