Great repository scanner to get an allround look at the dependencies vulnerabilities of all (nested) codebases in a folder structure
Trivy has different scanners that look for different security issues, and different targets where it can find those issues.
scans
- Container Image
- Filesystem
- Git repository (remote)
- Kubernetes cluster or resource
Scanner modules
- OS packages and software dependencies in use (SBOM)
- Known vulnerabilities (CVEs)
- IaC misconfigurations
- Sensitive information and secrets
installation and usage
brew install trivy
trivy fs . > trivy-scan.txt