gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00
Code Issues Packages Projects Releases Wiki Activity

docs: update ecosystem page reporting with db app (#6201)

Browse Source 
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
This commit is contained in:
Anais Urlichs
2024-02-27 02:47:30 +00:00
committed by GitHub
parent dc76c6e4f4
commit eb54bb5da5
1 changed files with 14 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
docs/ecosystem/reporting.md
View File

@@ -1,26 +1,32 @@
# Reporting
## SonarQube (Community)
A Trivy plugin that converts JSON report to SonarQube [generic issues format](https://docs.sonarqube.org/9.6/analyzing-source-code/importing-external-issues/generic-issue-import-format/).
👉 Get it at: <https://github.com/umax/trivy-plugin-sonarqube>
## DefectDojo (Community)
DefectDojo can parse Trivy JSON reports. The parser supports deduplication and auto-close features.
👉 Get it at: <https://github.com/DefectDojo/django-DefectDojo>
## SecObserve (Community)
SecObserve can parse Trivy results as CycloneDX reports and provides an unified overview of vulnerabilities from different sources. Vulnerabilities can be evaluated with manual and rule based assessments.
👉 Get it at: <https://github.com/MaibornWolff/SecObserve>
## Scan2html (Community)
A Trivy plugin that scans and outputs the results to an interactive html file.
👉 Get it at: <https://github.com/fatihtokus/scan2html>
## SonarQube (Community)
A Trivy plugin that converts JSON report to SonarQube [generic issues format](https://docs.sonarqube.org/9.6/analyzing-source-code/importing-external-issues/generic-issue-import-format/).
👉 Get it at: <https://github.com/umax/trivy-plugin-sonarqube>
## Trivy-Streamlit (Community)
Trivy-Streamlit is a Streamlit application that allows you to quickly parse the results from a Trivy JSON report.
👉 Get it at: <https://github.com/mfreeman451/trivy-streamlit>
## SecObserve (Community)
SecObserve can parse Trivy results as CycloneDX reports and provides an unified overview of vulnerabilities from different sources. Vulnerabilities can be evaluated with manual and rule based assessments.
## Trivy-Vulnerability-Explorer (Community)
👉 Get it at: <https://github.com/MaibornWolff/SecObserve>
This project is a web application that allows to load a Trivy report in json format and displays the vulnerabilities of a single target in an interactive data table.
👉 Get it at: <https://github.com/dbsystel/trivy-vulnerability-explorer>