Scan IaC directory trivy
Find misconfigurations in Terraform/Kubernetes/Helm code
trivy config --severity MEDIUM,HIGH,CRITICAL ./terraform
more trivy
all 15 commands →
Ignore unfixed CVEs
trivy image --ignore-unfixed --severity HIGH,CRITICAL img:tag
Update vulnerability DB
trivy image --download-db-only
Scan filesystem
trivy fs .
Scan Kubernetes cluster
trivy k8s --report summary cluster
Scan with SARIF output
trivy image --format sarif --output results.sarif myimage:tag