TL;DR - Trivy

  • Trivy is an open-source security scanner for containers and code
  • It finds vulnerabilities in images, filesystems, and IaC
  • Completely free and open-source
Pricing: Free forever
Best for: Individuals & startups

Pros & Cons

Pros

  • Free and open source
  • Fast scanning
  • Easy to use

Cons

  • Basic reporting
  • No managed option

Key Features

  • Security scanner
  • Containers
  • Kubernetes
  • SBOM
  • IaC scanning
  • Open source

Pricing Plans

Plan: Free (Most Popular)
Price: Free
Open source

  • Container scanning
  • IaC scanning
  • SBOM
  • CI integration

What is Trivy?

Editorial review
Trivy is an open-source vulnerability scanner for containers, filesystems, and infrastructure as code. It scans container images for OS and library vulnerabilities, and checks Kubernetes manifests and Terraform for misconfigurations. It is fast and easy to integrate into CI/CD, and it draws on a comprehensive database that is updated regularly. It is the security scanner DevOps teams actually run.

Trivy FAQ

Is Trivy free?

Yes, Trivy is completely free and open source. It is released under the Apache 2.0 license and made by Aqua Security.

What is Trivy?

Trivy is a comprehensive vulnerability scanner. It scans containers, filesystems, and repos.

Trivy vs Snyk?

Trivy is free and CLI-focused, while Snyk has better integrations and UI. Choose Trivy on a budget and Snyk for enterprise.

What does Trivy scan?

Trivy scans container images, filesystems, git repos, and Kubernetes, covering OS packages and language dependencies. Its coverage is very comprehensive.

Source: trivy.dev