site_name: Trivy site_url: https://trivy.dev/ site_description: Trivy - All-in-one open source security scanner docs_dir: docs/ repo_name: GitHub repo_url: https://github.com/aquasecurity/trivy edit_uri: "blob/main/docs/" nav: - Home: index.md - Getting Started: - First steps: getting-started/index.md - Installation: getting-started/installation.md - Signature Verification: getting-started/signature-verification.md - FAQ: getting-started/faq.md - Tutorials: - Overview: tutorials/overview.md - CI/CD: - Overview: tutorials/integrations/index.md - GitHub Actions: tutorials/integrations/github-actions.md - CircleCI: tutorials/integrations/circleci.md - Travis CI: tutorials/integrations/travis-ci.md - GitLab CI: tutorials/integrations/gitlab-ci.md - Bitbucket Pipelines: tutorials/integrations/bitbucket.md - AWS CodePipeline: tutorials/integrations/aws-codepipeline.md - AWS Security Hub: tutorials/integrations/aws-security-hub.md - Azure: tutorials/integrations/azure-devops.md - Kubernetes: - Cluster Scanning: tutorials/kubernetes/cluster-scanning.md - Kyverno: tutorials/kubernetes/kyverno.md - GitOps: tutorials/kubernetes/gitops.md - Misconfiguration: - Terraform scanning: tutorials/misconfiguration/terraform.md - Custom Checks with Rego: tutorials/misconfiguration/custom-checks.md - Signing: - Vulnerability Scan Record Attestation: tutorials/signing/vuln-attestation.md - Shell: - Completion: tutorials/shell/shell-completion.md - Additional Resources: - Additional Resources: tutorials/additional-resources/references.md - Community References: tutorials/additional-resources/community.md - CKS Reference: tutorials/additional-resources/cks.md - Docs: - Overview: docs/index.md - Target: - Container Image: docs/target/container_image.md - Filesystem: docs/target/filesystem.md - Rootfs: docs/target/rootfs.md - Code Repository: docs/target/repository.md - Virtual Machine Image: docs/target/vm.md - Kubernetes: docs/target/kubernetes.md - SBOM: docs/target/sbom.md - Scanner: - Vulnerability: docs/scanner/vulnerability.md - Misconfiguration: - Overview: docs/scanner/misconfiguration/index.md - Configuration: docs/scanner/misconfiguration/config/config.md - Policy: - Built-in Checks: docs/scanner/misconfiguration/check/builtin.md - Custom Checks: - Overview: docs/scanner/misconfiguration/custom/index.md - Data: docs/scanner/misconfiguration/custom/data.md - Combine: docs/scanner/misconfiguration/custom/combine.md - Selectors: docs/scanner/misconfiguration/custom/selectors.md - Schemas: docs/scanner/misconfiguration/custom/schema.md - Testing: docs/scanner/misconfiguration/custom/testing.md - Debugging Policies: docs/scanner/misconfiguration/custom/debug.md - Contribute Checks: docs/scanner/misconfiguration/custom/contribute-checks.md - Secret: docs/scanner/secret.md - License: docs/scanner/license.md - Coverage: - Overview: docs/coverage/index.md - OS: - Overview: docs/coverage/os/index.md - AlmaLinux: docs/coverage/os/alma.md - Alpine Linux: docs/coverage/os/alpine.md - Amazon Linux: docs/coverage/os/amazon.md - Azure Linux (CBL-Mariner): docs/coverage/os/azure.md - Bottlerocket: docs/coverage/os/bottlerocket.md - CentOS: docs/coverage/os/centos.md - Chainguard: docs/coverage/os/chainguard.md - Debian: docs/coverage/os/debian.md - Echo: docs/coverage/os/echo.md - MinimOS: docs/coverage/os/minimos.md - Oracle Linux: docs/coverage/os/oracle.md - Photon OS: docs/coverage/os/photon.md - Red Hat: docs/coverage/os/rhel.md - Rocky Linux: docs/coverage/os/rocky.md - SUSE: docs/coverage/os/suse.md - Ubuntu: docs/coverage/os/ubuntu.md - Wolfi: docs/coverage/os/wolfi.md - Google Distroless (Images): docs/coverage/os/google-distroless.md - Language: - Overview: docs/coverage/language/index.md - C/C++: docs/coverage/language/c.md - Dart: docs/coverage/language/dart.md - .NET: docs/coverage/language/dotnet.md - Elixir: docs/coverage/language/elixir.md - Go: docs/coverage/language/golang.md - Java: docs/coverage/language/java.md - Node.js: docs/coverage/language/nodejs.md - PHP: docs/coverage/language/php.md - Python: docs/coverage/language/python.md - Ruby: docs/coverage/language/ruby.md - Rust: docs/coverage/language/rust.md - Swift: docs/coverage/language/swift.md - Julia: docs/coverage/language/julia.md - IaC: - Overview: docs/coverage/iac/index.md - Azure ARM Template: docs/coverage/iac/azure-arm.md - CloudFormation: docs/coverage/iac/cloudformation.md - Docker: docs/coverage/iac/docker.md - Helm: docs/coverage/iac/helm.md - Kubernetes: docs/coverage/iac/kubernetes.md - Terraform: docs/coverage/iac/terraform.md - Others: - Overview: docs/coverage/others/index.md - Bitnami Images: docs/coverage/others/bitnami.md - Conda: docs/coverage/others/conda.md - Root.io Images: docs/coverage/others/rootio.md - RPM Archives: docs/coverage/others/rpm.md - Kubernetes: docs/coverage/kubernetes.md - Configuration: - Overview: docs/configuration/index.md - Filtering: docs/configuration/filtering.md - Selecting Files: docs/configuration/skipping.md - Reporting: docs/configuration/reporting.md - Cache: docs/configuration/cache.md - Databases: docs/configuration/db.md - Others: docs/configuration/others.md - Supply Chain: - SBOM: docs/supply-chain/sbom.md - Attestation: - SBOM: docs/supply-chain/attestation/sbom.md - Cosign Vulnerability Scan Record: docs/supply-chain/attestation/vuln.md - SBOM Attestation in Rekor: docs/supply-chain/attestation/rekor.md - VEX: - Overview: docs/supply-chain/vex/index.md - VEX Repository: docs/supply-chain/vex/repo.md - Local VEX Files: docs/supply-chain/vex/file.md - VEX SBOM Reference: docs/supply-chain/vex/sbom-ref.md - VEX Attestation: docs/supply-chain/vex/oci.md - Compliance: - Built-in Compliance: docs/compliance/compliance.md - Custom Compliance: docs/compliance/contrib-compliance.md - Plugins: - Overview: docs/plugin/index.md - User guide: docs/plugin/user-guide.md - Developer guide: docs/plugin/developer-guide.md - Advanced: - Modules: docs/advanced/modules.md - Connectivity and Network considerations: docs/advanced/air-gap.md - Self-Hosting Trivy's Databases: docs/advanced/self-hosting.md - Container Image: - Embed in Dockerfile: docs/advanced/container/embed-in-dockerfile.md - Unpacked container image filesystem: docs/advanced/container/unpacked-filesystem.md - Private Docker Registries: - Overview: docs/advanced/private-registries/index.md - Docker Hub: docs/advanced/private-registries/docker-hub.md - AWS ECR (Elastic Container Registry): docs/advanced/private-registries/ecr.md - GCR (Google Container Registry): docs/advanced/private-registries/gcr.md - ACR (Azure Container Registry): docs/advanced/private-registries/acr.md - Self-Hosted: docs/advanced/private-registries/self.md - Usage Telemetry: docs/advanced/telemetry.md - References: - Configuration: - CLI: - Overview: docs/references/configuration/cli/trivy.md - Clean: docs/references/configuration/cli/trivy_clean.md - Config: docs/references/configuration/cli/trivy_config.md - Convert: docs/references/configuration/cli/trivy_convert.md - Filesystem: docs/references/configuration/cli/trivy_filesystem.md - Image: docs/references/configuration/cli/trivy_image.md - Kubernetes: docs/references/configuration/cli/trivy_kubernetes.md - Module: - Module: docs/references/configuration/cli/trivy_module.md - Module Install: docs/references/configuration/cli/trivy_module_install.md - Module Uninstall: docs/references/configuration/cli/trivy_module_uninstall.md - Plugin: - Plugin: docs/references/configuration/cli/trivy_plugin.md - Plugin Info: docs/references/configuration/cli/trivy_plugin_info.md - Plugin Install: docs/references/configuration/cli/trivy_plugin_install.md - Plugin List: docs/references/configuration/cli/trivy_plugin_list.md - Plugin Run: docs/references/configuration/cli/trivy_plugin_run.md - Plugin Uninstall: docs/references/configuration/cli/trivy_plugin_uninstall.md - Plugin Update: docs/references/configuration/cli/trivy_plugin_update.md - Plugin Upgrade: docs/references/configuration/cli/trivy_plugin_upgrade.md - Plugin Search: docs/references/configuration/cli/trivy_plugin_search.md - Registry: - Registry: docs/references/configuration/cli/trivy_registry.md - Registry Login: docs/references/configuration/cli/trivy_registry_login.md - Registry Logout: docs/references/configuration/cli/trivy_registry_logout.md - Repository: docs/references/configuration/cli/trivy_repository.md - Rootfs: docs/references/configuration/cli/trivy_rootfs.md - SBOM: docs/references/configuration/cli/trivy_sbom.md - Server: docs/references/configuration/cli/trivy_server.md - Version: docs/references/configuration/cli/trivy_version.md - VEX: - VEX: docs/references/configuration/cli/trivy_vex.md - VEX Download: docs/references/configuration/cli/trivy_vex_repo_download.md - VEX Init: docs/references/configuration/cli/trivy_vex_repo_init.md - VEX List: docs/references/configuration/cli/trivy_vex_repo_list.md - VEX Repo: docs/references/configuration/cli/trivy_vex_repo.md - VM: docs/references/configuration/cli/trivy_vm.md - Config file: docs/references/configuration/config-file.md - Modes: - Standalone: docs/references/modes/standalone.md - Client/Server: docs/references/modes/client-server.md - Troubleshooting: docs/references/troubleshooting.md - Terminology: docs/references/terminology.md - Abbreviations: docs/references/abbreviations.md - Ecosystem: - Overview: ecosystem/index.md - CI/CD: ecosystem/cicd.md - IDE and Dev tools: ecosystem/ide.md - Production and Clouds: ecosystem/prod.md - Reporting: ecosystem/reporting.md - Contributing: - Principles: community/principles.md - How to contribute: - Issues: community/contribute/issue.md - Discussions: community/contribute/discussion.md - Pull Requests: community/contribute/pr.md - Contribute Rego Checks: - Overview: community/contribute/checks/overview.md - Add Service Support: community/contribute/checks/service-support.md - Maintainer: - PR Review: community/maintainer/pr-review.md - Release Flow: community/maintainer/release-flow.md - Backporting: community/maintainer/backporting.md - Help Wanted: community/maintainer/help-wanted.md - Triage: community/maintainer/triage.md - Enterprise: - Comparison: commercial/compare.md - Contact Us: commercial/contact.md - Partners: partners.md theme: name: material custom_dir: docs/overrides language: "en" logo: imgs/logo-white.svg features: - navigation.tabs - navigation.tabs.sticky - navigation.sections - navigation.footer - content.action.edit - content.tabs.link - content.code.annotate - content.code.copy font: text: Inter markdown_extensions: - abbr - admonition - attr_list - def_list - footnotes - md_in_html - toc: permalink: true - pymdownx.highlight - pymdownx.details - pymdownx.magiclink - pymdownx.snippets - pymdownx.superfences: custom_fences: - name: mermaid class: mermaid format: !!python/name:pymdownx.superfences.fence_code_format - pymdownx.tabbed: alternate_style: true extra: generator: false version: method: mike provider: mike default: latest social: - icon: fontawesome/brands/x-twitter link: https://twitter.com/AquaTrivy - icon: fontawesome/brands/github link: https://github.com/aquasecurity/trivy analytics: provider: google property: G-V9LJGFH7GX plugins: - search - macros