Monday, January 6, 2025

How to Set Up AquaSec Trivy Scanner | How to install AquaSec Trivy Scanner on Linux OS

What is Trivy?

  • open-source security scanner tool developed by Aqua Security. 
  • Used for vulnerability scanning in such as 
    • container images 
    • file systems/folders 
    • Git repositories
    • Kubernetes clusters
    • misconfiguration in files such as Terraform, K8S manifest files
  • Trivy helps identify security issues and misconfigurations early in the software development lifecycle.

How to Install Trivy scanner?

Trivy scanner can be installed so many ways. Check here for more information. But we will using APT package manager to install on Ubuntu.

sudo apt-get install wget gnupg -y
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null 
echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" | sudo tee -a /etc/apt/sources.list.d/trivy.list 
sudo apt-get update 
sudo apt-get install trivy -y

Check Trivy got installed
trivy --version


This confirm that Trivy got installed successfully.

Perform some scan locally

trivy image nginx


No comments:

Post a Comment

Top 10 DevOps Popular Tools | Popular DevOps Tools You Must Know In 2025 | Learn DevOps Tools in 2025

Here are the top 10 DevOps Tools to focus on to put your DevOps learning on a  faster track  and kick start your career quickly as a success...