site_name: Trivy site_url: https://trivy.dev/ site_description: Trivy - All-in-one open source security scanner docs_dir: docs/ repo_name: GitHub repo_url: https://github.com/aquasecurity/trivy edit_uri: "blob/main/docs/" nav: - Home: index.md - Getting Started: - First steps: getting-started/index.md - Installation: getting-started/installation.md - Signature Verification: getting-started/signature-verification.md - FAQ: getting-started/faq.md - Tutorials: - Overview: tutorials/overview.md - CI/CD: - Overview: tutorials/integrations/index.md - GitHub Actions: tutorials/integrations/github-actions.md - CircleCI: tutorials/integrations/circleci.md - Travis CI: tutorials/integrations/travis-ci.md - GitLab CI: tutorials/integrations/gitlab-ci.md - Bitbucket Pipelines: tutorials/integrations/bitbucket.md - AWS CodePipeline: tutorials/integrations/aws-codepipeline.md - AWS Security Hub: tutorials/integrations/aws-security-hub.md - Azure: tutorials/integrations/azure-devops.md - Kubernetes: - Cluster Scanning: tutorials/kubernetes/cluster-scanning.md - Kyverno: tutorials/kubernetes/kyverno.md - GitOps: tutorials/kubernetes/gitops.md - Misconfiguration: - Terraform scanning: tutorials/misconfiguration/terraform.md - Custom Checks with Rego: tutorials/misconfiguration/custom-checks.md - Signing: - Vulnerability Scan Record Attestation: tutorials/signing/vuln-attestation.md - Shell: - Completion: tutorials/shell/shell-completion.md - Additional Resources: - Additional Resources: tutorials/additional-resources/references.md - Community References: tutorials/additional-resources/community.md - CKS Reference: tutorials/additional-resources/cks.md - User Guide: - Overview: guide/index.md - Target: - Container Image: guide/target/container_image.md - Filesystem: guide/target/filesystem.md - Rootfs: guide/target/rootfs.md - Code Repository: guide/target/repository.md - Virtual Machine Image: guide/target/vm.md - Kubernetes: guide/target/kubernetes.md - SBOM: guide/target/sbom.md - Scanner: - Vulnerability: guide/scanner/vulnerability.md - Misconfiguration: - Overview: guide/scanner/misconfiguration/index.md - Configuration: guide/scanner/misconfiguration/config/config.md - Policy: - Built-in Checks: guide/scanner/misconfiguration/check/builtin.md - Custom Checks: - Overview: guide/scanner/misconfiguration/custom/index.md - Data: guide/scanner/misconfiguration/custom/data.md - Combine: guide/scanner/misconfiguration/custom/combine.md - Selectors: guide/scanner/misconfiguration/custom/selectors.md - Schemas: guide/scanner/misconfiguration/custom/schema.md - Testing: guide/scanner/misconfiguration/custom/testing.md - Debugging Policies: guide/scanner/misconfiguration/custom/debug.md - Contribute Checks: guide/scanner/misconfiguration/custom/contribute-checks.md - Secret: guide/scanner/secret.md - License: guide/scanner/license.md - Coverage: - Overview: guide/coverage/index.md - OS: - Overview: guide/coverage/os/index.md - AlmaLinux: guide/coverage/os/alma.md - Alpine Linux: guide/coverage/os/alpine.md - Amazon Linux: guide/coverage/os/amazon.md - Azure Linux (CBL-Mariner): guide/coverage/os/azure.md - Bottlerocket: guide/coverage/os/bottlerocket.md - CentOS: guide/coverage/os/centos.md - Chainguard: guide/coverage/os/chainguard.md - CoreOS: guide/coverage/os/coreos.md - Debian: guide/coverage/os/debian.md - Echo: guide/coverage/os/echo.md - MinimOS: guide/coverage/os/minimos.md - Oracle Linux: guide/coverage/os/oracle.md - Photon OS: guide/coverage/os/photon.md - Red Hat: guide/coverage/os/rhel.md - Rocky Linux: guide/coverage/os/rocky.md - SUSE: guide/coverage/os/suse.md - Ubuntu: guide/coverage/os/ubuntu.md - Wolfi: guide/coverage/os/wolfi.md - Google Distroless (Images): guide/coverage/os/google-distroless.md - Language: - Overview: guide/coverage/language/index.md - C/C++: guide/coverage/language/c.md - Dart: guide/coverage/language/dart.md - .NET: guide/coverage/language/dotnet.md - Elixir: guide/coverage/language/elixir.md - Go: guide/coverage/language/golang.md - Java: guide/coverage/language/java.md - Julia: guide/coverage/language/julia.md - Node.js: guide/coverage/language/nodejs.md - PHP: guide/coverage/language/php.md - Python: guide/coverage/language/python.md - Ruby: guide/coverage/language/ruby.md - Rust: guide/coverage/language/rust.md - Swift: guide/coverage/language/swift.md - IaC: - Overview: guide/coverage/iac/index.md - Ansible: guide/coverage/iac/ansible.md - Azure ARM Template: guide/coverage/iac/azure-arm.md - CloudFormation: guide/coverage/iac/cloudformation.md - Docker: guide/coverage/iac/docker.md - Helm: guide/coverage/iac/helm.md - Kubernetes: guide/coverage/iac/kubernetes.md - Terraform: guide/coverage/iac/terraform.md - Others: - Overview: guide/coverage/others/index.md - Bitnami Images: guide/coverage/others/bitnami.md - Conda: guide/coverage/others/conda.md - Root.io Images: guide/coverage/others/rootio.md - Seal Security: guide/coverage/others/seal.md - RPM Archives: guide/coverage/others/rpm.md - Kubernetes: guide/coverage/kubernetes.md - Configuration: - Overview: guide/configuration/index.md - Filtering: guide/configuration/filtering.md - Selecting Files: guide/configuration/skipping.md - Reporting: guide/configuration/reporting.md - Cache: guide/configuration/cache.md - Databases: guide/configuration/db.md - Others: guide/configuration/others.md - Supply Chain: - SBOM: guide/supply-chain/sbom.md - Attestation: - SBOM: guide/supply-chain/attestation/sbom.md - Cosign Vulnerability Scan Record: guide/supply-chain/attestation/vuln.md - SBOM Attestation in Rekor: guide/supply-chain/attestation/rekor.md - VEX: - Overview: guide/supply-chain/vex/index.md - VEX Repository: guide/supply-chain/vex/repo.md - Local VEX Files: guide/supply-chain/vex/file.md - VEX SBOM Reference: guide/supply-chain/vex/sbom-ref.md - VEX Attestation: guide/supply-chain/vex/oci.md - Compliance: - Built-in Compliance: guide/compliance/compliance.md - Custom Compliance: guide/compliance/contrib-compliance.md - Plugins: - Overview: guide/plugin/index.md - User guide: guide/plugin/user-guide.md - Developer guide: guide/plugin/developer-guide.md - Advanced: - Modules: guide/advanced/modules.md - Connectivity and Network considerations: guide/advanced/air-gap.md - Self-Hosting Trivy's Databases: guide/advanced/self-hosting.md - Container Image: - Embed in Dockerfile: guide/advanced/container/embed-in-dockerfile.md - Unpacked container image filesystem: guide/advanced/container/unpacked-filesystem.md - Private Docker Registries: - Overview: guide/advanced/private-registries/index.md - Docker Hub: guide/advanced/private-registries/docker-hub.md - AWS ECR (Elastic Container Registry): guide/advanced/private-registries/ecr.md - GCR (Google Container Registry): guide/advanced/private-registries/gcr.md - ACR (Azure Container Registry): guide/advanced/private-registries/acr.md - Self-Hosted: guide/advanced/private-registries/self.md - Usage Telemetry: guide/advanced/telemetry.md - References: - Configuration: - CLI: - Overview: guide/references/configuration/cli/trivy.md - Clean: guide/references/configuration/cli/trivy_clean.md - Config: guide/references/configuration/cli/trivy_config.md - Convert: guide/references/configuration/cli/trivy_convert.md - Filesystem: guide/references/configuration/cli/trivy_filesystem.md - Image: guide/references/configuration/cli/trivy_image.md - Kubernetes: guide/references/configuration/cli/trivy_kubernetes.md - Module: - Module: guide/references/configuration/cli/trivy_module.md - Module Install: guide/references/configuration/cli/trivy_module_install.md - Module Uninstall: guide/references/configuration/cli/trivy_module_uninstall.md - Plugin: - Plugin: guide/references/configuration/cli/trivy_plugin.md - Plugin Info: guide/references/configuration/cli/trivy_plugin_info.md - Plugin Install: guide/references/configuration/cli/trivy_plugin_install.md - Plugin List: guide/references/configuration/cli/trivy_plugin_list.md - Plugin Run: guide/references/configuration/cli/trivy_plugin_run.md - Plugin Uninstall: guide/references/configuration/cli/trivy_plugin_uninstall.md - Plugin Update: guide/references/configuration/cli/trivy_plugin_update.md - Plugin Upgrade: guide/references/configuration/cli/trivy_plugin_upgrade.md - Plugin Search: guide/references/configuration/cli/trivy_plugin_search.md - Registry: - Registry: guide/references/configuration/cli/trivy_registry.md - Registry Login: guide/references/configuration/cli/trivy_registry_login.md - Registry Logout: guide/references/configuration/cli/trivy_registry_logout.md - Repository: guide/references/configuration/cli/trivy_repository.md - Rootfs: guide/references/configuration/cli/trivy_rootfs.md - SBOM: guide/references/configuration/cli/trivy_sbom.md - Server: guide/references/configuration/cli/trivy_server.md - Version: guide/references/configuration/cli/trivy_version.md - VEX: - VEX: guide/references/configuration/cli/trivy_vex.md - VEX Download: guide/references/configuration/cli/trivy_vex_repo_download.md - VEX Init: guide/references/configuration/cli/trivy_vex_repo_init.md - VEX List: guide/references/configuration/cli/trivy_vex_repo_list.md - VEX Repo: guide/references/configuration/cli/trivy_vex_repo.md - VM: guide/references/configuration/cli/trivy_vm.md - Config file: guide/references/configuration/config-file.md - Modes: - Standalone: guide/references/modes/standalone.md - Client/Server: guide/references/modes/client-server.md - Troubleshooting: guide/references/troubleshooting.md - Terminology: guide/references/terminology.md - Abbreviations: guide/references/abbreviations.md - Ecosystem: - Overview: ecosystem/index.md - CI/CD: ecosystem/cicd.md - IDE and Dev tools: ecosystem/ide.md - Production and Clouds: ecosystem/prod.md - Reporting: ecosystem/reporting.md - Contributing: - Principles: community/principles.md - How to contribute: - Issues: community/contribute/issue.md - Discussions: community/contribute/discussion.md - Pull Requests: community/contribute/pr.md - Contribute Rego Checks: - Overview: community/contribute/checks/overview.md - Add Service Support: community/contribute/checks/service-support.md - Contribute Vulnerability Data Sources: - Overview: community/contribute/vulnerability-database/overview.md - Add Vulnerability Advisory Source: community/contribute/vulnerability-database/add-vulnerability-source.md - Maintainer: - PR Review: community/maintainer/pr-review.md - Release Flow: community/maintainer/release-flow.md - Backporting: community/maintainer/backporting.md - Help Wanted: community/maintainer/help-wanted.md - Triage: community/maintainer/triage.md - Enterprise: - Comparison: commercial/compare.md - Contact Us: commercial/contact.md theme: name: material custom_dir: docs/overrides language: "en" logo: imgs/logo-white.svg features: - navigation.tabs - navigation.tabs.sticky - navigation.sections - navigation.footer - content.action.edit - content.tabs.link - content.code.annotate - content.code.copy font: text: Inter markdown_extensions: - abbr - admonition - attr_list - def_list - footnotes - md_in_html - toc: permalink: true - pymdownx.highlight - pymdownx.details - pymdownx.magiclink - pymdownx.snippets - pymdownx.superfences: custom_fences: - name: mermaid class: mermaid format: !!python/name:pymdownx.superfences.fence_code_format - pymdownx.tabbed: alternate_style: true extra: generator: false version: method: mike provider: mike default: latest social: - icon: fontawesome/brands/x-twitter link: https://twitter.com/AquaTrivy - icon: fontawesome/brands/github link: https://github.com/aquasecurity/trivy analytics: provider: google property: G-V9LJGFH7GX plugins: - search - macros