gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-23 15:37:50 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
d6418cf0de46e37a3d1cc7bd4692fa60c0f41eff
trivy/docs/misconfiguration/comparison/tfsec.md
Owen Rumney 9076a49b0f docs: Add comparison for cfsec (#1388) 
* Add cfsec comparison

* Add to mkdocs.yml
2021-11-17 16:42:17 +02:00

26 lines
1.7 KiB
Markdown
Raw Blame History

# vs tfsec
[tfsec][tfsec] uses static analysis of your Terraform templates to spot potential security issues.
Trivy uses tfsec internally to scan Terraform HCL files, but Trivy doesn't support some features provided by tfsec.
This section describes the differences between Trivy and tfsec.
| Feature | Trivy | tfsec |
| --------------------------- | --------------------------------------- | -------------------- |
| Built-in Policies | :material-check: | :material-check: |
| Custom Policies | Rego[^1] | JSON and YAML |
| Policy Metadata[^2] | :material-check: | :material-check: |
| Show Successes | :material-check: | :material-check: |
| Disable Policies | :material-check: | :material-check: |
| Show Issue Lines | :material-close: | :material-check: |
| Support .tfvars | :material-close: | :material-check: |
| View Statistics | :material-close: | :material-check: |
| Filtering by Severity | :material-check: | :material-close: |
| Supported Formats | Dockerfile, JSON, YAML, Terraform, etc. | Terraform |
[^1]: Terraform HCL files are not supported.
[^2]: To enrich the results such as ID, Title, Description, Severity, etc.
tfsec is designed for Terraform.
People who use only Terraform should use tfsec.
People who want to scan a wide range of configuration files should use Trivy.
[tfsec]: https://github.com/aquasecurity/tfsec
Reference in New Issue View Git Blame Copy Permalink