Trivy

All-in-one vulnerability scanner for containers, filesystems, Git repos, and IaC. Fast, accurate, and CI/CD native.

securitycontainerscanningiacopen-source

Why it matters

Trivy is a comprehensive open-source vulnerability scanner for containers, filesystems, Git repos, and IaC. Fast, accurate, and works well in CI pipelines.

Specifications

TypeVulnerability Scanner

TargetsContainer / FS / IaC

LicenseApache 2.0

Ask AI

Ask about Trivy

Alternatives in Security

See all

META

SnykSnyk

Developer-first security platform. Scan for vulnerabilities in code, dependencies, containers, and IaC — with auto-fix suggestions.

Freemium

SemgrepSemgrep

Fast, lightweight static analysis across 30+ languages. Custom rules, zero false positives by default, open-source core.

OSS/Pro

Project GlasswingAnthropic

Anthropic's initiative for securing critical infrastructure in the AI era. Focuses on robust supply-chain security and agentic guardrails. Top HN story in April 2026.

Ent