Skip to content
Toolradar
Trivy logo

Trivy

UnclaimedEditor reviewed

Security scanner for containers

SecurityDevOpsInfrastructure as CodeTesting & QA
Visit Website
Reviews onPeerSpot
12 reviews tracked

The Bottom Line

Entry price

Free, no paid tier

Biggest pro

Free and open source

Biggest con

Basic reporting

TL;DR - Trivy

  • Trivy is an open-source security scanner for containers and code
  • It finds vulnerabilities in images, filesystems, and IaC
  • Completely free and open-source
Pricing: Free forever
Best for: Individuals & startups
4.3/5 across review platforms

What is Trivy?

Editorial review
Trivy is an open-source vulnerability scanner for containers, filesystems, and infrastructure as code. Scan container images for OS and library vulnerabilities. Check Kubernetes manifests and Terraform for misconfigurations. Fast and easy to integrate into CI/CD. Comprehensive database updated regularly. The security scanner DevOps teams actually run.

Available on: Web

how we evaluateSourcetrivy.dev

Pros & Cons

Pros

  • Free and open source
  • Fast scanning
  • Easy to use

Cons

  • Basic reporting
  • No managed option

Ratings Across the Web

4.3(12 reviews)
PeerSpot12 reviews
4.3/5

Ratings aggregated from independent review platforms. Learn more

Key Features

Security scannerContainersKubernetesSBOMIaC scanningOpen source

Pricing Plans

Pricing checked May 29, 2026

Most Popular

Free

Free

Open source

  • Container scanning
  • IaC scanning
  • SBOM
  • CI integration
Calculate your costView full pricing

Reviews

4.3/5

Across 12 verified user reviews on PeerSpot

Add your hands-on experience to help the next buyer.

Write a Toolradar review

Best Trivy Alternatives

Top alternatives based on features, pricing, and user needs.

Prisma Cloud logo
Prisma CloudPaid

Cloud-native security platform

4.4
Aqua Security logo
Aqua SecurityPaid

Cloud native security for containers and Kubernetes

4.2
Clair logo
ClairFree

Static vulnerability analysis for containers

4.4
See all Security tools →

Still deciding?

Most buyers shortlist 2 or 3 tools before committing. Pull a side-by-side comparison or browse the full alternatives shortlist below.

Trivy vs Prisma CloudHead-to-head: features, pricing, who winsTrivy vs Aqua SecurityHead-to-head: features, pricing, who winsTrivy vs ClairHead-to-head: features, pricing, who wins

Explore More

Best Security ToolsBest DevOps ToolsBest Infrastructure as Code ToolsBest Testing & QA ToolsBest Free SecurityBest Free DevOpsBest Free Infrastructure as CodeBest Free Testing & QA

Trivy FAQ

Is Trivy free?

Yes, Trivy is completely free and open source. Apache 2.0 license. Made by Aqua Security.

What is Trivy?

Trivy is a vulnerability scanner. Scan containers, filesystems, and repos. Comprehensive security scanner.

Trivy vs Snyk?

Trivy is free and CLI-focused. Snyk has better integrations and UI. Trivy for budget; Snyk for enterprise.

What does Trivy scan?

Container images, filesystems, git repos, and Kubernetes. OS packages and language dependencies. Very comprehensive.

Source: trivy.dev

Guides & Articles

Best Compliance Management Software in 2026

Expert guide

Best Secrets Management Tools in 2026

Expert guide

Best Observability Platforms in 2026

Expert guide