Skip to content

Navigation Menu

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

aquasecurity / trivy Public

Notifications You must be signed in to change notification settings
Fork 2.3k
Star 23.7k

Code
Issues 163
Pull requests 58
Discussions
Actions
Projects 1
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Projects
Security
Insights

Covestro Deutschland AG #6089

qcserestipy started this conversation in Adopters

Covestro Deutschland AG #6089

Feb 8, 2024

· 1 comment

Return to top

Discussion options

qcserestipy
Feb 8, 2024

-

How do you use Trivy?

We use the trivy operator to scan for vulnerable images in our production K8s cluster. We use vulnerability reports and config audit reports as source for policy decisions of our Open Policy Agent Gatekeeper to prevent further potentially vulnerable workloads running in our cluster. Additionally, we use the trivy scanner in our harbor container registry to ensure safe deployments to various production workloads such as apache airflow or gitlab runner.

Which targets are you scanning with Trivy?

Container Image
Filesystem
Git Repository
Virtual Machine Image
Kubernetes
AWS
SBOM

What kind of issues are scanning with Trivy?

Software Bill of Materials (SBOM)
Known vulnerabilities (CVEs)
IaC issues and misconfigurations
Sensitive information and secrets
Software licenses

Beta Was this translation helpful? Give feedback.

You must be logged in to vote

All reactions

❤️ 3

Replies: 1 comment

Oldest
Newest
Top

Comment options

AnaisUrlichs
Feb 12, 2024

-

Thank you so much for sharing! 😊

Beta Was this translation helpful? Give feedback.

You must be logged in to vote

All reactions

0 replies

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Category

Labels

None yet

2 participants

Footer

© 2024 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.