Tutorial on running a security scan with Trivy on Docker images. Learn how to run a scan on a Docker image, filter vulnerabilities by severity level, and output the vulnerability tables in JSON format.
Trivy Documentation: https://aquasecurity.github.io/trivy/v0.57/
Trivy Installation Guide: https://aquasecurity.github.io/trivy/v0.57/getting-started/installation/
Video Chapters:
0:00 - Intro
0:33 - Installing Trivy
1:00 - Scanning images with Trivy
2:39 - Scanning for only critical vulnerabilities
3:05 - Comparing Docker image vulnerabilities based on the underlying OS
3:49 - Outputting Trivy scans to a JSON file
4:12 - Listing vulnerabilities only if they have a fixed version
4:38 - Dealing with vulnerabilities
5:22 - Conclusion