Scan an Image for Vulnerabilities and Configuration Flaws with Trivy
Scan container images for vulnerabilities with Trivy, an open-source tool. Protect your company’s reputation and avoid legal challenges. Learn how to reduce and remove vulnerabilities in this tutorial.
At a Glance
Deploying container images with security vulnerabilities exposes you and your company to serious risk. An image with known vulnerabilities can damage your reputation, open your company up to legal challenges, and can cost you your job. Fortunately, scanning container images can be easy, inexpensive, and even free. In this project, you will use Trivy, an open-source tool, to scan a container configuration file and a container image.
In this project, you will put container image vulnerability scanning into practice. You'll be using Trivy, an open-source container security tool that can scan both a container configuration file (a Dockerfile) and a container image. In a project scenario, Trivy could be provided to developers on their workstations for scanning and feedback while they code, as well as being integrated into an automated CI/CD pipeline for formal build validation. Other open-source and commercial container image scanning tools are also available.
This tutorial shows you how to create an image and scan it to highlight any vulnerabilities and configuration flaws. Using this information, you can reduce and remove vulnerabilities and flaws where possible.
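For the CI/CD build-validation scenario above, here is an added example (not code from the tutorial or from the Trivy project) of a build gate that reads a Trivy JSON report and fails the build on findings at or above a severity threshold, skipping vulnerabilities with no fix available but never skipping Dockerfile misconfigurations. It assumes the field names of Trivy's JSON output (`Results`, `Vulnerabilities`, `Misconfigurations`, and their members); the embedded report is constructed, and its CVE and check IDs are placeholders.

```python
import json

# Severity order used by Trivy's reports; UNKNOWN is treated as the lowest.
SEVERITY_RANK = {"UNKNOWN": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}

# Constructed sample in the shape of a `trivy --format json` report (image scan
# plus Dockerfile scan). IDs are placeholders, not real CVEs or Trivy checks.
SAMPLE_REPORT = json.dumps({
    "Results": [
        {
            "Target": "example.test/app:1.0 (constructed image)",
            "Vulnerabilities": [
                {"VulnerabilityID": "CVE-XXXX-0001", "PkgName": "libexample",
                 "InstalledVersion": "1.0-1", "FixedVersion": "1.0-2", "Severity": "CRITICAL"},
                {"VulnerabilityID": "CVE-XXXX-0002", "PkgName": "libother",
                 "InstalledVersion": "2.3", "FixedVersion": "", "Severity": "HIGH"},
                {"VulnerabilityID": "CVE-XXXX-0003", "PkgName": "libminor",
                 "InstalledVersion": "0.9", "FixedVersion": "1.0", "Severity": "LOW"},
            ],
        },
        {
            "Target": "Dockerfile",
            "Misconfigurations": [
                {"ID": "DS-PLACEHOLDER-1", "Title": "Image runs as root", "Severity": "HIGH", "Status": "FAIL"},
                {"ID": "DS-PLACEHOLDER-2", "Title": "No HEALTHCHECK", "Severity": "LOW", "Status": "FAIL"},
            ],
        },
    ]
})


def evaluate(report_json, threshold="HIGH", fixable_only=True):
    """Return (passed, blocking) where blocking lists findings at or above threshold.

    fixable_only skips vulnerabilities with no FixedVersion (nothing to upgrade to yet);
    misconfigurations are always actionable, so failed checks are never skipped.
    """
    minimum = SEVERITY_RANK[threshold]
    blocking = []
    for result in json.loads(report_json).get("Results", []):
        target = result.get("Target", "?")
        for v in result.get("Vulnerabilities") or []:
            if SEVERITY_RANK.get(v.get("Severity", "UNKNOWN"), 0) < minimum:
                continue
            if fixable_only and not v.get("FixedVersion"):
                continue  # known, but no fixed package version to move to
            blocking.append((target, v["VulnerabilityID"], v["Severity"],
                             f"{v['PkgName']} {v['InstalledVersion']} -> {v['FixedVersion']}"))
        for m in result.get("Misconfigurations") or []:
            if m.get("Status") != "FAIL" or SEVERITY_RANK.get(m.get("Severity", "UNKNOWN"), 0) < minimum:
                continue
            blocking.append((target, m["ID"], m["Severity"], m.get("Title", "")))
    return (not blocking, blocking)


if __name__ == "__main__":
    passed, findings = evaluate(SAMPLE_REPORT)
    raise SystemExit(0 if passed else 1)  # non-zero exit code fails the pipeline step
```

In a pipeline, feed it the output of `trivy image --format json` and `trivy config --format json` instead of the constructed sample.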