Tools

Trivy

Commands

File system scan

trivy fs --severity HIGH,CRITICAL --scanners vuln .

Docker image scan

trivy image --severity HIGH,CRITICAL --scanners vuln --dependency-tree ubuntu:latest

Use a template for the scan on Windows
(html.tpl file located in the working directory)

trivy image --format template --template '@html.tpl' centos | Out-File -FilePath .\report.html

Templates

HTML Template
https://github.com/aquasecurity/trivy/blob/main/contrib/html.tpl

  • nice output
  • easy to copy and paste into an Excel sheet