Trivy container vulnerability scanner
Overview
Trivy is a simple and complete vulnerability scanner for containers, suited especially to use in continuous integration.

Accuracy comparison
[Figure: vulnerabilities detected in Alpine Linux (2019/05/12)]

See Comparison with other scanners for a detailed comparison.
Features
Comprehensive vulnerability detection
OS packages (Alpine, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, Debian and Ubuntu)
Application dependencies (Bundler, Composer, Pipenv, npm, yarn and Cargo)
Simple
Specify only an image name
See Quick Start and Examples for details
Easy installation
No need for prerequisites such as installation of DB, libraries, etc.
apt-get install, yum install and brew install are possible (See Installation)
High accuracy
Especially Alpine Linux and RHEL/CentOS (See Comparison with other scanners)
Accuracy for other OSes is also high
DevSecOps
Suitable for CI such as Travis CI, CircleCI, Jenkins, etc.
See CI Example
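As an added example of the CI use described above (not code from the Trivy project), the following POSIX shell gate scans an image on a CI runner, prints HIGH and CRITICAL findings for visibility, and fails the build only on the severities you choose to gate on. It assumes Trivy's --exit-code and --severity flags, which this page does not show, and that the image has already been built or pulled on the runner.

```shell
#!/bin/sh
# Added example, not part of the Trivy project: a CI gate around "trivy IMAGE".
# Assumes Trivy's --exit-code and --severity flags (not shown on this page).

# TRIVY may be overridden (e.g. a full path on the runner); defaults to "trivy".
TRIVY="${TRIVY:-trivy}"

# trivy_available -> 0 if the trivy command can be run on this runner
trivy_available() {
  command -v "$TRIVY" >/dev/null 2>&1
}

# scan_gate IMAGE [FAIL_SEVERITIES]
#   First pass: report HIGH and CRITICAL findings with --exit-code 0, so the
#   report is always visible in the CI log without breaking the build.
#   Second pass: rescan restricted to FAIL_SEVERITIES (default "CRITICAL",
#   or e.g. "HIGH,CRITICAL") with --exit-code 1, so only those break the build.
#   Returns 0 = clean at the gate level, 1 = gated findings (or a scanner
#   error, which also stops the build), 2 = trivy not runnable.
scan_gate() {
  image="$1"
  fail_on="${2:-CRITICAL}"
  trivy_available || { echo "trivy not found on PATH" >&2; return 2; }

  # informational pass: never fails the build by itself
  "$TRIVY" --exit-code 0 --severity HIGH,CRITICAL "$image" || true

  # gating pass: non-zero exit if anything at the gated severities is present
  if "$TRIVY" --exit-code 1 --severity "$fail_on" "$image"; then
    echo "gate passed: no $fail_on vulnerabilities in $image"
    return 0
  fi
  echo "gate failed: $fail_on vulnerabilities found in $image" >&2
  return 1
}
```

In a pipeline, call it as `scan_gate "$IMAGE" HIGH,CRITICAL` after the build step; a non-zero status fails the job.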
Installation
RHEL/CentOS
Add the repository setting to /etc/yum.repos.d.
$ sudo vim /etc/yum.repos.d/trivy.repo
[trivy]
name=Trivy repository
baseurl=https://knqyf263.github.io/trivy-repo/rpm/releases/$releasever/$basearch/
gpgcheck=0
enabled=1
$ sudo yum -y update
$ sudo yum -y install trivy
or
$ rpm -ivh https://github.com/knqyf263/trivy/releases/download/v0.0.13/trivy_0.0.13_Linux-64bit.rpm
Debian/Ubuntu
Replace [CODE_NAME] with your code name.
CODE_NAME: wheezy, jessie, stretch, buster, trusty, xenial, bionic
$ sudo apt-get install apt-transport-https gnupg
$ wget -qO - https://knqyf263.github.io/trivy-repo/deb/public.key | sudo apt-key add -
$ echo deb https://knqyf263.github.io/trivy-repo/deb [CODE_NAME] main | sudo tee -a /etc/apt/sources.list.d/trivy.list
$ sudo apt-get update
$ sudo apt-get install trivy
or
$ sudo apt-get install rpm
$ wget https://github.com/knqyf263/trivy/releases/download/v0.0.13/trivy_0.0.13_Linux-64bit.deb
$ sudo dpkg -i trivy_0.0.13_Linux-64bit.deb
Mac OS X / Homebrew
You can use Homebrew on OS X.
$ brew tap knqyf263/trivy
$ brew install knqyf263/trivy/trivy
Binary (including Windows)
Go to the releases page, download the binary for your platform, extract it and add execute permission.
Install from source
go get -u github.com/knqyf263/trivy