Trivy: A scanner for vulnerabilities in containers, file systems, and Git repos

  • It seems that this does the same thing as Anchore. Is there a difference that I'm not seeing? Also, I couldn't find anything for Trivy that gives you a nice web UI like what Snyk does, or did I miss something there as well?

  • Trivy is good. It comes bundled with the Harbor Docker registry, meaning you get security analysis of your images and provide for some level of security, as you can prevent pulling critical images (or whatever level you deem necessary).

  • I’ve had a great experience with Trivy, very solid tool, very easy to write automation around.

  • Is this what powers AquaSec?

  • It's super easy to integrate in every CI/CD pipeline.

  • > Trivy (tri pronounced like trigger, vy pronounced like envy)

    That's not the first thing that comes to mind...

    But anyway, what's the catch? Does it rely on a more complete IaC-style deployment than you often find?