[GitHub Trending] aquasecurity/trivy

Trivy by Aqua Security is a versatile open-source scanner supporting container images, filesystems, git repos, VM images, and Kubernetes targets. It finds OS packages (SBOM), CVEs, IaC misconfigurations, secrets, and licenses across numerous languages and platforms, with quick install via brew or docker. Integrations include GitHub Actions, a Kubernetes operator, and a VS Code plugin, plus canary builds for bleeding-edge testing.

aquasecurity