The all-in-one open source security scanner
Use Trivy to find vulnerabilities (CVE) & misconfigurations (IaC) across code repositories, binary artifacts, container images, Kubernetes clusters, and more. All in one tool!
Get started Read the DocsIt's all about the community!
Trivy is praised by professionals worldwide. Are you a Trivy fan as well? We'd love to hear from you!
Cristiano Corrado, Wise
"The discovery process led us to evaluate multiple open-source tools ... The final decision was to use Trivy"
Jonathan Gonzalez V., CloudNativePG
"Thanks @AquaSecTeam for creating Trivy and help us to improve @CloudNativePg security"
Andy Roberts, Vista
"I've tried a few and all have pros/cons but I found that Trivy is the best of them"
Ali Faraj, Antigen Security
"Trivy from Aqua Security is my new favorite tool... It's such a powerful tool with the ability to generate SBOMs, find vulnerabilities, misconfigurations, and secrets!"
Sam White, GitLab
"Trivy was a clear leader in the market as far as features, functionality, and capabilities"
Ariadne Conill, Alpine Security
@ariadneconill
...the tl;dr is basically Aqua's Trivy is the best one, all of the other ones are a waste of time
Harbor Team
"Trivy takes container image scanning to higher levels of usability and performance."
Milind Gadre, Mirantis
"After evaluating several leading options for open source vulnerability scanning, Trivy really stood out"
Jerry Gambli
@JGamblin
The way the @AquaSecTeam team has turned Trivy into the best open-source vulnerability scanner in such a short time is really amazing.
Yaney
"Trivy is, by far, the best open-source tool for cloud-native security that I have ever used"
Damian Naprawa
"So happy to see collaboration between @Azure and @AquaSecTeam on scanning container images in Azure Container Registry CI/CD workflows using such a great tool - Trivy."
Mustafa Akin, Resmo
"I love how Trivy democratized dependency scanning to the masses as a free and extremely easy to use tool, with also a permissive license. This used to be a gated community with predatory security vendors charging premium, and they were not half as good as Trivy."
dynaptik, Deutsche Bahn
"Trivy easily for what it brings to the table (secret scanning, vuln scan, license check) and little effort required. Bang for the buck it's pretty amazing"
Cristiano Corrado, Wise
"The discovery process led us to evaluate multiple open-source tools ... The final decision was to use Trivy"
Jonathan Gonzalez V., CloudNativePG
"Thanks @AquaSecTeam for creating Trivy and help us to improve @CloudNativePg security"
Andy Roberts, Vista
"I've tried a few and all have pros/cons but I found that Trivy is the best of them"
Ali Faraj, Antigen Security
"Trivy from Aqua Security is my new favorite tool... It's such a powerful tool with the ability to generate SBOMs, find vulnerabilities, misconfigurations, and secrets!"
Sam White, GitLab
"Trivy was a clear leader in the market as far as features, functionality, and capabilities"
Ariadne Conill, Alpine Security
@ariadneconill
...the tl;dr is basically Aqua's Trivy is the best one, all of the other ones are a waste of time
Harbor Team
"Trivy takes container image scanning to higher levels of usability and performance."
Milind Gadre, Mirantis
"After evaluating several leading options for open source vulnerability scanning, Trivy really stood out"
Jerry Gambli
@JGamblin
The way the @AquaSecTeam team has turned Trivy into the best open-source vulnerability scanner in such a short time is really amazing.
Yaney
"Trivy is, by far, the best open-source tool for cloud-native security that I have ever used"
Damian Naprawa
"So happy to see collaboration between @Azure and @AquaSecTeam on scanning container images in Azure Container Registry CI/CD workflows using such a great tool - Trivy."
Mustafa Akin, Resmo
"I love how Trivy democratized dependency scanning to the masses as a free and extremely easy to use tool, with also a permissive license. This used to be a gated community with predatory security vendors charging premium, and they were not half as good as Trivy."
dynaptik, Deutsche Bahn
"Trivy easily for what it brings to the table (secret scanning, vuln scan, license check) and little effort required. Bang for the buck it's pretty amazing"
Cristiano Corrado, Wise
"The discovery process led us to evaluate multiple open-source tools ... The final decision was to use Trivy"
Jonathan Gonzalez V., CloudNativePG
"Thanks @AquaSecTeam for creating Trivy and help us to improve @CloudNativePg security"
Andy Roberts, Vista
"I've tried a few and all have pros/cons but I found that Trivy is the best of them"
Ali Faraj, Antigen Security
"Trivy from Aqua Security is my new favorite tool... It's such a powerful tool with the ability to generate SBOMs, find vulnerabilities, misconfigurations, and secrets!"