Trivy security vulnerability scanner

Security issues can creep in at all levels of software development, keeping a variety of tools available is always a good idea.

Trivy will help to identify configuration issues and potential secrets in a project.

The fastest method I’ve found to get started is to use Homebrew, if you have not already installed it, I’ve posted instructions in an earlier post.

brew install trivy

An initial scan can then be run with:

trivy fs --scanners vuln,secret,misconfig ./

REFERENCES: