aquasecurity/trivy-pipe aquasecurity/trivy-pipe

  • Stars
    star
    13
  • Rank 1,462,773 (Top 30 %)
  • Language
    Shell
  • License
    Apache License 2.0
  • Created over 2 years ago
  • Updated over 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
aquasecurity/trivy-pipe
github

aquasecurity

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Bitbucket Pipe for running Trivy in a Pipeline

More Repositories

1

trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Go
21,358
star
2

tfsec

Security scanner for your Terraform code
Go
6,557
star
3

kube-bench

Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
Go
5,935
star
4

kube-hunter

Hunt for security weaknesses in Kubernetes clusters
Python
4,588
star
5

tracee

Linux Runtime Security and Forensics using eBPF
Go
3,255
star
6

cloudsploit

Cloud Security Posture Management (CSPM)
JavaScript
3,145
star
7

starboard

Moved to https://github.com/aquasecurity/trivy-operator
Go
1,344
star
8

trivy-operator

Kubernetes-native security toolkit
Go
1,041
star
9

microscanner

Scan your container images for package vulnerabilities with Aqua Security
Dockerfile
856
star
10

kubectl-who-can

Show who has RBAC permissions to perform actions on different resources in Kubernetes
Go
793
star
11

chain-bench

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
Go
699
star
12

trivy-action

Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities
Shell
683
star
13

cloud-security-remediation-guides

Security Remediation Guides
679
star
14

libbpfgo

eBPF library for Go. Powered by libbpf.
Go
670
star
15

vuln-list

NVD, Ubuntu, Alpine
396
star
16

btfhub

BTFhub, in collaboration with the BTFhub Archive repository, supplies BTF files for all published kernels that lack native support for embedded BTF. This joint effort ensures that even kernels without built-in BTF support can effectively leverage the benefits of eBPF programs, promoting compatibility across various kernel versions.
Go
329
star
17

esquery

An idiomatic Go query builder for ElasticSearch
Go
294
star
18

kube-query

[EXPERIMENTAL] Extend osquery to report on Kubernetes
Go
220
star
19

defsec

Trivy's misconfiguration scanning engine
Go
206
star
20

trivy-db

Go
202
star
21

fanal

Static Analysis Library for Containers
Go
201
star
22

postee

Simple message routing system that receives input messages through a webhook interface and can enforce actions using predefined outputs via integrations.
Go
201
star
23

harbor-scanner-trivy

Use Trivy as a plug-in vulnerability scanner in the Harbor registry
Go
198
star
24

docker-bench

Checks whether Docker is deployed according to security best practices as defined in the CIS Docker Benchmark
Go
179
star
25

cloudsec-icons

A collection of cloud security icons ☁️🔒
Go
178
star
26

manifesto

Use Manifesto to store and query metadata for container images.
Go
165
star
27

vuln-list-update

Go
161
star
28

tfsec-pr-commenter-action

Add comments to pull requests where tfsec checks have failed
Go
160
star
29

linux-bench

Checks whether a Linux server according to security best practices as defined in the CIS Distribution-Independent Linux Benchmark
Go
145
star
30

go-dep-parser

Dependency Parser for Multiple Programming Languages
Go
143
star
31

lmdrouter

Go HTTP router library for AWS API Gateway-invoked Lambda Functions
Go
133
star
32

appshield

Security configuration checks for popular cloud native applications and infrastructure.
Open Policy Agent
118
star
33

starboard-lens-extension

Lens extension for viewing Starboard security information
TypeScript
114
star
34

trivy-vscode-extension

A VS Code Extension for Trivy
TypeScript
102
star
35

btfhub-archive

The BTFhub Archive repository provides BTF files for those published kernels that lack native support for embedded BTF, thereby enhancing the versatility of eBPF programs across different kernel versions.
82
star
36

aqua-helm

Helm Charts For Installing Aqua Security Components
Mustache
82
star
37

table

🧮 Tables for terminals, in Go.
Go
64
star
38

tracee-action

Protect GitHub Actions with Tracee
Open Policy Agent
60
star
39

cfsec

Static analysis for CloudFormation templates to identify common misconfiguration
Go
58
star
40

starboard-octant-plugin

Octant plugin for viewing Starboard security information
Go
57
star
41

deployments

All Aqua deployments options and aquactl configuration
Shell
52
star
42

tfsec-sarif-action

Shell
51
star
43

tfsec-action

Vanilla GitHub action to run tfsec
Shell
48
star
44

trivy-azure-pipelines-task

An Azure Pipelines Task for trivy
TypeScript
40
star
45

community

Aqua Security's open source community
37
star
46

harbor-scanner-aqua

Aqua Enterprise scanner as a plug-in vulnerability scanner in the Harbor registry
Go
33
star
47

go-version

A Go library for parsing and verifying versions and version constraints.
Go
32
star
48

aqua-operator

The aqua-operator is a group of controllers that runs within a Kubernetes or Openshift cluster that provides a means to deploy and manage Aqua Security cluster and Components.
Go
32
star
49

trivy-operator-lens-extension

https://github.com/aquasecurity/trivy-operator
TypeScript
31
star
50

vscode-tfsec

vscode extension for tfsec
TypeScript
31
star
51

terraform-provider-aquasec

Go
30
star
52

trivy-java-db

Go
25
star
53

trivy-kubernetes

Trivy kubernetes library
Go
25
star
54

trivy-plugin-kubectl

A Trivy plugin that scans the images of a kubernetes resource
Shell
23
star
55

trivy-checks

Go
20
star
56

trivy-plugin-referrer

Trivy plugin for OCI referrers
Go
20
star
57

trivy-enforcer

[EXPERIMENTAL] Kubernetes Operator for Image Assurance
Go
20
star
58

chain-bench-action

Shell
19
star
59

aqua-aws

The repository not supported any more. Please use this one https://github.com/aquasecurity/deployments
HCL
18
star
60

trivy-docker-extension

Docker Desktop Extension for Trivy
TypeScript
18
star
61

starboard-operator

The Starboard Operator has moved to the main Starboard repo, and this one is being retired
Go
16
star
62

saas-terraform-connection

Terraform modules for CloudSploit Scanner
HCL
14
star
63

trivy-ci-test

Dockerfile
14
star
64

saas-api-samples

Sample code snippets for consuming the CloudSploit API
JavaScript
13
star
65

circleci-orb-microscanner

Enables scanning of docker builds in CircleCi for OS package vulnerabilities.
Dockerfile
13
star
66

windows-bench

Checks whether a Windows server according to security best practices as defined in the CIS Distribution-Independent Windows Benchmark
Go
13
star
67

vim-tfsec

List your tfsec issues in the QuickFix window with this plugin.
Vim Script
12
star
68

helm-charts

Aqua Open Source Helm Chart Repository
12
star
69

vim-trivy

Vim Plugin for Trivy
Vim Script
12
star
70

trivy-plugin-aqua

Makefile
11
star
71

binfinder

Find binary files not installed through package manager
Go
11
star
72

tracee-tester

This is a spin-off from Tracee project responsible for generating the docker image that tests open-source signatures.
Shell
10
star
73

gobard

Unofficial Golang API for Bard Chat.
Go
9
star
74

trivy-sarif-demo

JavaScript
9
star
75

go-git-pr-commenter

library for adding comments to git PRs
Go
9
star
76

cloud-metadata

Common metadata repository for CSPM and TFSec checks
Go
9
star
77

tracee-test-kernels

Kernels for testing tracee CO-RE feature
C
9
star
78

bench-common

Common code for hardening benchmarks
Go
9
star
79

aws-security-hub-plugin

Aqua Security AWS Security Hub plugin
9
star
80

trivy-repo

deb/rpm repository for Trivy
8
star
81

aqua-dash

Sample Aqua CSP dashboard
Vue
8
star
82

scan-cve-2018-8115

Python
7
star
83

pipeline-enforcer-action

TypeScript
7
star
84

intellij-trivy

Trivy Plugin for the JetBrains family of IDEs
Java
7
star
85

go-pep440-version

A golang library for parsing PEP 440 compliant Python versions
Go
7
star
86

build-security-action

GitHub Action for Aqua Build Security
Shell
7
star
87

go-npm-version

A golang library for parsing npm versions
Go
6
star
88

amazon-eks-devsecops

PHP
6
star
89

trivy-plugin-attest

Publish SBOM attestation
Go
6
star
90

tfsec-azure-pipelines-task

An Azure DevOps Task for tfsec
TypeScript
6
star
91

trivy-iac

Go
5
star
92

trivy-module-wordpress

Trivy example module for WordPress
Go
5
star
93

saas-integrations

CloudSploit third-party integrations
JavaScript
5
star
94

reportgen

PDF reports for Aqua CSP image and host vulnerabilities
Go
5
star
95

avd-generator

Generator component for AVD
CSS
5
star
96

testdocker

Test utilities for Docker Engine/Registry
Go
5
star
97

secfixes-tracker

Forked from https://gitlab.alpinelinux.org/kaniini/secfixes-tracker
Python
5
star
98

starboard-aqua-csp-webhook

The image scan results webhook configurable in Aqua CSP management console to integrate with the Starboard tool kit.
Go
5
star
99

trivy-test-images

Test images for Trivy
Shell
4
star
100

homebrew-trivy

Ruby
4
star