docs: rewrite installation docs and general improvements (#3368)

improve installation guide, improve overview pages, rename cli section to docs
2025-12-22 23:26:39 -08:00 · 2023-01-08 15:16:03 +02:00
parent c3759c6d83
commit 89016da21e
8 changed files with 122 additions and 329 deletions
--- a/README.md
+++ b/README.md
@@ -31,24 +31,25 @@ Scanners (what Trivy can find there):
 - Sensitive information and secrets
 - Software licenses
 To learn more, go to the [Trivy homepage][homepage] for feature highlights, or to the [Documentation site][docs] for detailed information.
 ## Quick Start
 ### Get Trivy
-Trivy is available in most common distribution methods. The full list of installation options is available in the [Installation] page, here are a few popular options:
+Trivy is available in most common distribution channels. The full list of installation options is available in the [Installation] page. Here are a few popular examples:
 - `apt-get install trivy`
 - `yum install trivy`
 - `brew install trivy`
 - `docker run aquasec/trivy`
 - Download binary from <https://github.com/aquasecurity/trivy/releases/latest/>
 - See [Installation] for more
-Trivy is integrated with many popular platforms and applications. The full list of integrations is available in the [Ecosystem] page. Here are a few popular options:
+Trivy is integrated with many popular platforms and applications. The complete list of integrations is available in the [Ecosystem] page. Here are a few popular examples:
 - [GitHub Actions](https://github.com/aquasecurity/trivy-action)
 - [CircleCI](https://circleci.com/developer/orbs/orb/fifteen5/trivy-orb)
 - [Kubernetes operator](https://github.com/aquasecurity/trivy-operator)
 - [VS Code plugin](https://github.com/aquasecurity/trivy-vscode-extension)
 - See [Ecosystem] for more
 ### General usage
@@ -91,36 +92,6 @@ trivy k8s --report summary cluster
 </details>
 ## Highlights
 - Comprehensive vulnerability detection
    - OS packages (Alpine Linux, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, CBL-Mariner, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
    - **Language-specific packages** (Bundler, Composer, Pipenv, Poetry, npm, yarn, Cargo, NuGet, Maven, and Go)
    - High accuracy, especially [Alpine Linux][alpine] and RHEL/CentOS
 - Supply chain security (SBOM support)
    - Support CycloneDX
    - Support SPDX
    - Generating and Scanning SBOM
    - Leveraging in-toto attestations
    - Integrated with [Sigstore]
 - Misconfiguration detection (IaC scanning) 
    - Wide variety of security checks are provided **out of the box**
    - Kubernetes, Docker, Terraform, and more
    - User-defined policies using [OPA Rego][rego]
 - Secret detection
    - A wide variety of built-in rules are provided **out of the box**
    - User-defined patterns
    - Efficient scanning of container images
 - Simple
    - Available in apt, yum, brew, dockerhub
    - **No pre-requisites** such as a database, system libraries, or eny environmental requirements. The binary runs anywhere.
    - The first scan will finish within 10 seconds (depending on your network). Consequent scans will finish instantaneously.
 - Fits your workflow
    - **Great for CI** such as GitHub Actions, Jenkins, GitLab CI, etc.
    - Available as extension for IDEs such as vscode, jetbrains, vim
    - Available as extension for Docker Desktop, Rancher Desktop
    - See [Ecosystem] section in the documentation.
 ## FAQ
 ### How to pronounce the name "Trivy"?
@@ -143,6 +114,7 @@ Contact us about any matter by opening a GitHub Discussion [here][discussions]
 [docker-pulls]: https://img.shields.io/docker/pulls/aquasec/trivy?logo=docker&label=docker%20pulls%20%2F%20trivy
 [license]: https://github.com/aquasecurity/trivy/blob/main/LICENSE
 [license-img]: https://img.shields.io/badge/License-Apache%202.0-blue.svg
 [homepage]: https://trivy.dev
 [docs]: https://aquasecurity.github.io/trivy
 [pronunciation]: #how-to-pronounce-the-name-trivy
--- a/docs/docs/advanced/private-registries/ecr.md
+++ b/docs/docs/advanced/private-registries/ecr.md
@@ -2,3 +2,34 @@ Trivy uses AWS SDK. You don't need to install `aws` CLI tool.
 You can use [AWS CLI's ENV Vars][env-var].
 [env-var]: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html
 ### AWS private registry permissions
 You may need to grant permissions to allow Trivy to pull images from private ECR.
 It depends on how you want to provide AWS Role to trivy.
 - [IAM Role Service account](https://github.com/aws/amazon-eks-pod-identity-webhook)
 - [Kube2iam](https://github.com/jtblin/kube2iam) or [Kiam](https://github.com/uswitch/kiam)
 #### IAM Role Service account
 Add the AWS role in trivy's service account annotations:
 ```yaml
 trivy:
  serviceAccount:
    annotations: {}
      # eks.amazonaws.com/role-arn: arn:aws:iam::ACCOUNT_ID:role/IAM_ROLE_NAME
 ```
 #### Kube2iam or Kiam
 Add the AWS role to pod's annotations:
 ```yaml
 podAnnotations: {}
  ## kube2iam/kiam annotation
  # iam.amazonaws.com/role: arn:aws:iam::ACCOUNT_ID:role/IAM_ROLE_NAME
 ```
--- a/docs/docs/index.md
+++ b/docs/docs/index.md
@@ -1,72 +1,5 @@
 # Docs
-This documentation details how to use Trivy to access the features listed below.
+In this section you can find the complete reference documentation for all of the different features and settings that Trivy has to offer.
-## Features
+👈 Please use the side-navigation on the left in order to browse the different topics.
 - Comprehensive vulnerability detection
    - [OS packages][os] (Alpine, Wolfi, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, CBL-Mariner, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
    - [**Language-specific packages**][lang] (Bundler, Composer, Pipenv, Poetry, npm, yarn, pnpm, Cargo, NuGet, Maven, and Go)
 - Detect IaC misconfigurations
    - A wide variety of [built-in policies][builtin] are provided **out of the box**:
        - Kubernetes
        - Docker
        - Terraform
        - more coming soon
    - Support custom policies
 - Simple
    - Specify only an image name, a directory containing IaC configs, or an artifact name
    - See [Quick Start][quickstart]
 - Fast
    - The first scan will finish within 10 seconds (depending on your network). Consequent scans will finish in single seconds.
    - Unlike other scanners that take long to fetch vulnerability information (~10 minutes) on the first run, and encourage you to maintain a durable vulnerability database, Trivy is stateless and requires no maintenance or preparation.
 - Easy installation
    - `apt-get install`, `yum install` and `brew install` is possible (See [Installation][installation])
    - **No pre-requisites** such as installation of DB, libraries, etc.
 - High accuracy
    - **Especially Alpine Linux and RHEL/CentOS**
    - Other OSes are also high
 - DevSecOps
    - **Suitable for CI** such as Travis CI, CircleCI, Jenkins, GitLab CI, etc.
    - See [CI Example][integrations]
 - Support multiple formats
    - container image
        - A local image in Docker Engine which is running as a daemon
        - A local image in [Podman][podman] (>=2.0) which is exposing a socket
        - A remote image in Docker Registry such as Docker Hub, ECR, GCR and ACR
        - A tar archive stored in the `docker save` / `podman save` formatted file
        - An image directory compliant with [OCI Image Format][oci]
    - local filesystem and rootfs
    - remote git repository
 - [SBOM][sbom] (Software Bill of Materials) support
    - CycloneDX
    - SPDX
    - GitHub Dependency Snapshots
 Please see [LICENSE][license] for Trivy licensing information.
 [installation]: ../getting-started/installation.md
 [vuln]: ../docs/vulnerability/scanning/index.md
 [misconf]: ../docs/misconfiguration/scanning.md
 [kubernetesoperator]: ../docs/kubernetes/operator/index.md
 [container]: ../docs/vulnerability/scanning/image.md
 [rootfs]: ../docs/vulnerability/scanning/rootfs.md
 [filesystem]: ../docs/vulnerability/scanning/filesystem.md
 [repo]: ../docs/vulnerability/scanning/git-repository.md
 [kubernetes]: ../docs/kubernetes/cli/scanning.md
 [standalone]: ../docs/references/modes/standalone.md
 [client-server]: ../docs/references/modes/client-server.md
 [integrations]: ../tutorials/integrations/index.md
 [os]: ../docs/vulnerability/detection/os.md
 [lang]: ../docs/vulnerability/detection/language.md
 [builtin]: ../docs/misconfiguration/policy/builtin.md
 [quickstart]: ../index.md
 [podman]: ../docs/advanced/container/podman.md
 [sbom]: ../docs/sbom/index.md
 [oci]: https://github.com/opencontainers/image-spec
 [license]:  https://github.com/aquasecurity/trivy/blob/main/LICENSE
--- a/docs/ecosystem/index.md
+++ b/docs/ecosystem/index.md
@@ -1,9 +1,9 @@
 #  Ecosystem
-Trivy is already integrated into many popular tools and applications, so that you can easily add security to your workflow.
+Trivy is integrated into many popular tools and applications, so that you can easily add security to your workflow.
 In this section you will find an aggregation of the different integrations. Integrations are listed as either "official" or "community". Official integrations are developed by the core Trivy team and supported by it. Community integrations are integrations developed by the community, and collected here for your convenience. For support or questions about community integrations, please contact the original developers.
-👈 Choose a category from the side menu to browse integrations.
+👈 Please use the side-navigation on the left in order to browse the different topics.
 ## Add missing integration
--- a/docs/getting-started/installation.md
+++ b/docs/getting-started/installation.md
@@ -1,6 +1,10 @@
-# CLI Installation
+# Installing Trivy
-## RHEL/CentOS
+In this section you will find an aggregation of the different ways to install Trivy. installations are listed as either "official" or "community". Official integrations are developed by the core Trivy team and supported by it. Community integrations are integrations developed by the community, and collected here for your convenience. For support or questions about community integrations, please contact the original developers.
 ## Install using Package Manager
 ### RHEL/CentOS (Official)
 === "Repository"
    Add repository setting to `/etc/yum.repos.d`.
@@ -24,7 +28,7 @@
    rpm -ivh https://github.com/aquasecurity/trivy/releases/download/{{ git.tag }}/trivy_{{ git.tag[1:] }}_Linux-64bit.rpm
    ```
-## Debian/Ubuntu
+### Debian/Ubuntu (Official)
 === "Repository"
    Add repository setting to `/etc/apt/sources.list.d`.
@@ -44,43 +48,47 @@
    sudo dpkg -i trivy_{{ git.tag[1:] }}_Linux-64bit.deb
    ```
-## Arch Linux
+### Homebrew (Official)
-Package trivy can be installed from the Arch Community Package Manager.
+Homebrew for MacOS and Linux.
 ```bash
 pacman -S trivy
 ```
 ## Homebrew
 You can use homebrew on macOS and Linux.
 ```bash
 brew install trivy
 ```
-## MacPorts
+### Arch Linux (Community)
-You can also install `trivy` via [MacPorts](https://www.macports.org) on macOS:
+Arch Community Package Manager.
 ```bash
 pacman -S trivy
 ```
 References: 
 - <https://archlinux.org/packages/community/x86_64/trivy/>
 - <https://github.com/archlinux/svntogit-community/blob/packages/trivy/trunk/PKGBUILD>
 ### MacPorts (Community)
 [MacPorts](https://www.macports.org) for MacOS.
 ```bash
 sudo port install trivy
 ```
-More info [here](https://ports.macports.org/port/trivy/).
+References:
 - <https://ports.macports.org/port/trivy/details/>
-## Nix/NixOS
+### Nix/NixOS (Community)
-Direct issues installing `trivy` via `nix` through the channels mentioned [here](https://nixos.wiki/wiki/Support)
+Nix package manager for Linux and MacOS.
-You can use `nix` on Linux or macOS and on other platforms unofficially.
+=== "Command line"
 `nix-env --install -A nixpkgs.trivy`
-Or through your configuration as usual
+=== "Configuration"
 NixOS:
 ```nix
  # your other config ...
@@ -90,7 +98,7 @@ NixOS:
  ];
 ```
-home-manager:
+=== "Home Manager"
 ```nix
  # your other config ...
@@ -100,165 +108,51 @@ home-manager:
  ];
 ```
-## Install Script
+References: 
 -  <https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/admin/trivy/default.nix>
-This script downloads Trivy binary based on your OS and architecture.
+## Install from GitHub Release (Official)
 ### Download Binary
 1. Download the file for your operating system/architecture from [GitHub Release assets](https://github.com/aquasecurity/trivy/releases/tag/{{ git.tag }}) (`curl -LO https://url.to/trivy.tar.gz`).  
 2. Unpack the downloaded archive (`tar -xzf ./trivy.tar.gz`).
 3. Put the binary somewhere in your `$PATH` (e.g `mv ./trivy /usr/local/bin/`).
 4. Make sure the binary has execution bit turned on (`chmod +x ./trivy`).
 ### Install Script
 The process above can be automated by the following script:
 ```bash
 curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin {{ git.tag }}
 ```
-## Binary
+### Install from source
 Download the archive file for your operating system/architecture from [here](https://github.com/aquasecurity/trivy/releases/tag/{{ git.tag }}).
 Unpack the archive, and put the binary somewhere in your `$PATH` (on UNIX-y systems, /usr/local/bin or the like).
 Make sure it has execution bits turned on.
 ## From source
 ```bash
 mkdir -p $GOPATH/src/github.com/aquasecurity
 cd $GOPATH/src/github.com/aquasecurity
 git clone --depth 1 --branch {{ git.tag }} https://github.com/aquasecurity/trivy
-cd trivy/cmd/trivy/
+cd trivy
 export GO111MODULE=on
 go install
 ```
-## Docker
+## Use container image
-### Docker Hub
+1. Pull Trivy image (`docker pull aquasec/trivy:{{ git.tag[1:] }}`)
-
+2. It is advisable to mount a consistent [cache dir](https://aquasecurity.github.io/trivy/{{ git.tag }}/docs/vulnerability/examples/cache/) on the host into the Trivy container.
-Replace [YOUR_CACHE_DIR] with the cache directory on your machine.
+3. For scanning container images with Trivy, mount `docker.sock` from the host into the Trivy container.
 ```bash
 docker pull aquasec/trivy:{{ git.tag[1:] }}
 ```
 Example:
 === "Linux"
 ``` bash
-    docker run --rm -v [YOUR_CACHE_DIR]:/root/.cache/ aquasec/trivy:{{ git.tag[1:] }} image [YOUR_IMAGE_NAME]
+docker run -v /var/run/docker.sock:/var/run/docker.sock -v $HOME/Library/Caches:/root/.cache/ aquasec/trivy:{{ git.tag[1:] }} image python:3.4-alpine
 ```
-=== "macOS"
+Registry | Repository | Link | Supportability
-
+Docker Hub | `docker.io/aquasec/trivy` | https://hub.docker.com/r/aquasec/trivy | Official
-    ``` bash
+GitHub Container Registry (GHCR) | `ghcr.io/aquasecurity/trivy` | https://github.com/orgs/aquasecurity/packages/container/package/trivy | Official
-    docker run --rm -v $HOME/Library/Caches:/root/.cache/ aquasec/trivy:{{ git.tag[1:] }} image [YOUR_IMAGE_NAME]
+AWS Elastic Container Registry (ECR) | `public.ecr.aws/aquasecurity/trivy` | https://gallery.ecr.aws/aquasecurity/trivy | Official
    ```
 If you would like to scan the image on your host machine, you need to mount `docker.sock`.
 ```bash
 docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \
    -v $HOME/Library/Caches:/root/.cache/ aquasec/trivy:{{ git.tag[1:] }} image python:3.4-alpine
 ```
 Please re-pull latest `aquasec/trivy` if an error occurred.
 <details>
 <summary>Result</summary>
 ```bash
 2019-05-16T01:20:43.180+0900    INFO    Updating vulnerability database...
 2019-05-16T01:20:53.029+0900    INFO    Detecting Alpine vulnerabilities...
 python:3.4-alpine3.9 (alpine 3.9.2)
 ===================================
 Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 1, HIGH: 0, CRITICAL: 0)
 +---------+------------------+----------+-------------------+---------------+--------------------------------+
 | LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION |             TITLE              |
 +---------+------------------+----------+-------------------+---------------+--------------------------------+
 | openssl | CVE-2019-1543    | MEDIUM   | 1.1.1a-r1         | 1.1.1b-r1     | openssl: ChaCha20-Poly1305     |
 |         |                  |          |                   |               | with long nonces               |
 +---------+------------------+----------+-------------------+---------------+--------------------------------+
 ```
 </details>
 ### GitHub Container Registry
 The same image is hosted on [GitHub Container Registry][registry] as well.
 ```bash
 docker pull ghcr.io/aquasecurity/trivy:{{ git.tag[1:] }}
 ```
 ### Amazon ECR Public
 The same image is hosted on [Amazon ECR Public][ecr] as well.
 ```bash
 docker pull public.ecr.aws/aquasecurity/trivy:{{ git.tag[1:] }}
 ```
 ### AWS private registry permissions
 You may need to grant permissions to allow trivy to pull images from private registry (AWS ECR).
 It depends on how you want to provide AWS Role to trivy.
 - [IAM Role Service account](https://github.com/aws/amazon-eks-pod-identity-webhook)
 - [Kube2iam](https://github.com/jtblin/kube2iam) or [Kiam](https://github.com/uswitch/kiam)
 #### IAM Role Service account
 Add the AWS role in trivy's service account annotations:
 ```yaml
 trivy:
  serviceAccount:
    annotations: {}
      # eks.amazonaws.com/role-arn: arn:aws:iam::ACCOUNT_ID:role/IAM_ROLE_NAME
 ```
 #### Kube2iam or Kiam
 Add the AWS role to pod's annotations:
 ```yaml
 podAnnotations: {}
  ## kube2iam/kiam annotation
  # iam.amazonaws.com/role: arn:aws:iam::ACCOUNT_ID:role/IAM_ROLE_NAME
 ```
 > **Tip**: List all releases using `helm list`.
 ## Other Tools to use and deploy Trivy
-For additional tools and ways to install and use Trivy in different environments such as in Docker Desktop and Kubernetes clusters, see the links in the [Ecosystem section](../ecosystem/index.md).
+For additional tools and ways to install and use Trivy in different environments such as in IDE, Kubernetes or CI/CD, see [Ecosystem section](../ecosystem/index.md).
 [ecr]: https://gallery.ecr.aws/aquasecurity/trivy
 [registry]: https://github.com/orgs/aquasecurity/packages/container/package/trivy
 [helm]: https://github.com/aquasecurity/trivy/tree/{{ git.tag }}/helm/trivy
 [slack]: https://slack.aquasec.com
 [operator-docs]: https://aquasecurity.github.io/trivy-operator/latest/
 [vuln]: ./docs/vulnerability/scanning/index.md
 [misconf]: ./docs/misconfiguration/scanning.md
 [kubernetesoperator]: ./docs/kubernetes/operator/index.md
 [container]: ./docs/vulnerability/scanning/image.md
 [rootfs]: ./docs/vulnerability/scanning/rootfs.md
 [filesystem]: ./docs/vulnerability/scanning/filesystem.md
 [repo]: ./docs/vulnerability/scanning/git-repository.md
 [kubernetes]: ./docs/kubernetes/cli/scanning.md
 [standalone]: ./docs/references/modes/standalone.md
 [client-server]: ./docs/references/modes/client-server.md
 [integrations]: ./tutorials/integrations/index.md
 [os]: ./docs/vulnerability/detection/os.md
 [lang]: ./docs/vulnerability/detection/language.md
 [builtin]: ./docs/misconfiguration/policy/builtin.md
 [quickstart]: ./getting-started/quickstart.md
 [podman]: ./docs/advanced/container/podman.md
 [sbom]: ./docs/sbom/index.md
 [oci]: https://github.com/opencontainers/image-spec
 [license]:  https://github.com/aquasecurity/trivy/blob/main/LICENSE
--- a/docs/index.md
+++ b/docs/index.md
@@ -10,9 +10,9 @@ hide:
 - You are currently in the [Getting Started] section where you can find general information and help with first steps.
 - In the [Tutorials] section you can find step-by-step guides that help you accomplish specific tasks.
- In the [CLI] section you will find the complete reference documentation for all of the different features and settings that Trivy has to offer.
+- In the [Docs] section you can find the complete reference documentation for all of the different features and settings that Trivy has to offer.
- In the [Ecosystem] section you will find how Trivy works together with other tools and applications that you might already use.
+- In the [Ecosystem] section you can find how Trivy works together with other tools and applications that you might already use.
- In the [Contributing] section you will find instructions about developing Trivy, and contribution guidelines.
+- In the [Contributing] section you can find technical developer documentation and contribution guidelines.
 # About Trivy
@@ -35,25 +35,25 @@ Scanners (what Trivy can find there):
 - Sensitive information and secrets
 - Software licenses
 To learn more, go to the [Trivy homepage][homepage] for feature highlights, or to the [Documentation site][Docs] for detailed information.
 ## Quick Start
 ### Get Trivy
-Trivy is available in most common distribution methods. The full list of installation options is available in the [Installation] page, here are a few popular options:
+Trivy is available in most common distribution channels. The complete list of installation options is available in the [Installation] page. Here are a few popular examples:
 - `apt-get install trivy`
 - `yum install trivy`
 - `brew install trivy`
 - `docker run aquasec/trivy`
 - Download binary from <https://github.com/aquasecurity/trivy/releases/latest/>
 - See [Installation] for more
-Trivy is integrated with many popular platforms and applications. The full list of integrations is available in the [Ecosystem] page. Here are a few popular options:
+Trivy is integrated with many popular platforms and applications. The complete list of integrations is available in the [Ecosystem] page. Here are a few popular options examples:
 - [GitHub Actions](https://github.com/aquasecurity/trivy-action)
 - [CircleCI](https://circleci.com/developer/orbs/orb/fifteen5/trivy-orb)
 - [Kubernetes operator](https://github.com/aquasecurity/trivy-operator)
 - [VS Code plugin](https://github.com/aquasecurity/trivy-vscode-extension)
-
+- See [Ecosystem] for more
 ### General usage
@@ -109,36 +109,6 @@ trivy k8s --report summary cluster
 </details>
 ## Highlights
 - Comprehensive vulnerability detection
    - OS packages (Alpine Linux, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, CBL-Mariner, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
    - **Language-specific packages** (Bundler, Composer, Pipenv, Poetry, npm, yarn, Cargo, NuGet, Maven, and Go)
    - High accuracy, especially [Alpine Linux][alpine] and RHEL/CentOS
 - Supply chain security (SBOM support)
    - Support CycloneDX
    - Support SPDX
    - Generating and Scanning SBOM
    - Leveraging in-toto attestations
    - Integrated with [Sigstore]
 - Misconfiguration detection (IaC scanning) 
    - Wide variety of security checks are provided **out of the box**
    - Kubernetes, Docker, Terraform, and more
    - User-defined policies using [OPA Rego][rego]
 - Secret detection
    - A wide variety of built-in rules are provided **out of the box**
    - User-defined patterns
    - Efficient scanning of container images
 - Simple
    - Available in apt, yum, brew, dockerhub
    - **No pre-requisites** such as a database, system libraries, or eny environmental requirements. The binary runs anywhere.
    - The first scan will finish within 10 seconds (depending on your network). Consequent scans will finish instantaneously.
 - Fits your workflow
    - **Great for CI** such as GitHub Actions, Jenkins, GitLab CI, etc.
    - Available as extension for IDEs such as vscode, jetbrains, vim
    - Available as extension for Docker Desktop, Rancher Desktop
    - See [Ecosystem] section in the documentation.
 ## FAQ
 ### How to pronounce the name "Trivy"?
@@ -159,6 +129,8 @@ Contact us about any matter by opening a GitHub Discussion [here][discussions]
 [oss]: https://www.aquasec.com/products/open-source-projects/
 [discussions]: https://github.com/aquasecurity/trivy/discussions
 [homepage]: https://trivy.dev
 [Tutorials]: ./tutorials/overview
-[CLI]: ./docs
+[Docs]: ./docs
 [Getting Started]: ./
 [Contributing]: ./community/contribute/issue
--- a/docs/tutorials/overview.md
+++ b/docs/tutorials/overview.md
@@ -1,27 +1,18 @@
 # Tutorials
-Tutorials are a great way to learn about use cases and integrations. We highly encourage community members to share their Trivy use cases with us in the documentation.
+In this section you can find step-by-step guides that help you accomplish specific tasks.
-There are two ways to contributor to the tutorials section
+👈 Please use the side-navigation on the left in order to browse the different topics.
-1. If you are creating any external content on Trivy, we would love to have it as part of our list of [external community resources][community-resources]
+## Adding tutorials
 2. If you are creating an end-to-end tutorial on a specific Trivy use-case, we would love to feature it in our tutorial section. Read below how you can contribute tutorials to the docs.
-## Process for adding new tutorials
+You are welcome to create tutorials and showcase them here. Tutorials can be either included in here as full articles, or included as external links under [external community resources][community-resources]. 
 Before sending PR, please first create an issue (of kind "Documentation") and describe the suggestion, if it's external link or article, and what category it's under.
-Requirements
+Guidelines:
 - The tutorial has to provide an end-to-end set of instructions
 - Ideally, tutorials should focus on a specific use case
 - If the tutorial is featuring other tools, those should be open source, too
 - Make sure to describe the expected outcome after each instruction
-**Tip:** Make sure that your tutorial is concise about a specific use case or integration. 
+- Focus on a specific use case. Start by clearly describing the use case and when/who it is relevant for.
-
+- Provide an end-to-end set of instructions. Make sure anyone can easily follow.
-How to add a tutorial
+- Describe the expected outcome after each step. Include examples as much as possible.
 1. Simply create a new `.md` file in the tutorials folder of the docs
 2. Add your content 
 3. Create a new index in the mkdocs.yaml file which is in the [root directory](https://github.com/aquasecurity/trivy) of the repository
 4. Create a PR
 [community-resources]: additional-resources/community.md
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -32,7 +32,7 @@ nav:
          - Additional Resources: tutorials/additional-resources/references.md
          - Community References: tutorials/additional-resources/community.md
          - CKS Reference: tutorials/additional-resources/cks.md
-  - CLI:
+  - Docs:
      - Overview: docs/index.md
      - Vulnerability:
          - Scanning: