Container Security

Trivy

Scanner for container images, filesystems, IaC, dependencies, secrets, and SBOMs.

containerdockerkubernetesiacsbomvulnerability

Best For

Good for adding practical security checks to Docker, Kubernetes, and CI/CD learning workflows.

Responsible Use

Use this tool only in owned environments, classroom labs, CTFs, or engagements where you have explicit written permission. Keep notes focused on findings, risk, and remediation.

Official Resource

https://trivy.dev/