Trivy

Trivy is an open-source vulnerability scanner for containers and containerized applications. It finds known vulnerabilities in the OS packages and application dependencies of a container image, and it can also report misconfigurations and leaked secrets and generate an SBOM for the image. It is lightweight and easy to use, and integrates into development and deployment pipelines.

Usage of Trivy in SSD

  • SSD mandates security scans on images using Trivy. It checks with Trivy whether the required version of the image has already been scanned; if it has not, SSD raises a security issue. SSD also triggers periodic vulnerability scans of the deployed images.

  • Once the Trivy scan is complete, SSD pulls the container security scan results from Trivy and uses this data to calculate the overall security status of the images and the application, and to generate alerts and remediation guidance.

  • SSD also pulls the other Trivy scan results, such as the IaC configuration scan and the secret scan, and uses them to calculate the overall risk of the application. The scan results are available on the Vulnerability Management page, in the Artifact section of the DBOM page, and on the View Open Security Issues page.

  • SSD imports the SBOMs generated by Trivy and analyzes them to identify supply chain security issues.
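To make the data flow described in these bullets concrete, the following is an added example (not code from this page, from SSD, or from the Trivy project) that parses a Trivy JSON report and derives per-category severity counts, the list of findings with no available fix, and a pass/fail status. The report is a constructed sample in the shape Trivy emits with `trivy image --format json`; the image name, package names, vulnerability IDs and rule IDs are placeholders rather than real findings, and the thresholds in `overall_status` are an assumed policy, since SSD's own scoring rules are not described on this page.

```python
import json
from collections import Counter

# Constructed sample in the shape of Trivy's JSON report (what `trivy image --format json` emits).
# Image name, package names, versions, vulnerability IDs, rule IDs and line numbers are
# placeholders for illustration, not real findings.
SAMPLE_REPORT = json.dumps({
    "SchemaVersion": 2,
    "ArtifactName": "registry.example.com/app:1.4.2",
    "ArtifactType": "container_image",
    "Results": [
        {
            "Target": "registry.example.com/app:1.4.2 (alpine 3.18.0)",
            "Class": "os-pkgs",
            "Type": "alpine",
            "Vulnerabilities": [
                {"VulnerabilityID": "CVE-0000-00001", "PkgName": "examplelib",
                 "InstalledVersion": "1.0.0-r0", "FixedVersion": "1.0.1-r0",
                 "Severity": "CRITICAL"},
                {"VulnerabilityID": "CVE-0000-00002", "PkgName": "otherlib",
                 "InstalledVersion": "2.3.0-r0", "Severity": "MEDIUM"},
            ],
        },
        {
            "Target": "Dockerfile",
            "Class": "config",
            "Type": "dockerfile",
            "Misconfigurations": [
                {"ID": "EXAMPLE-001", "Title": "Placeholder failing check",
                 "Severity": "HIGH", "Status": "FAIL"},
                {"ID": "EXAMPLE-002", "Title": "Placeholder passing check",
                 "Severity": "LOW", "Status": "PASS"},
            ],
        },
        {
            "Target": "app/config.env",
            "Class": "secret",
            "Secrets": [
                {"RuleID": "example-token", "Category": "Example", "Severity": "HIGH",
                 "Title": "Placeholder secret rule", "StartLine": 3, "EndLine": 3},
            ],
        },
        # A target with no findings: Trivy omits the Vulnerabilities key entirely.
        {"Target": "app/package-lock.json", "Class": "lang-pkgs", "Type": "npm"},
    ],
})

SEVERITY_RANK = {"UNKNOWN": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}


def empty_summary():
    return {"vulnerabilities": Counter(), "misconfigurations": Counter(), "secrets": Counter()}


def summarize(report_json):
    """Flatten a Trivy JSON report into per-category severity counts.

    Returns (summary, unfixed) where unfixed lists vulnerability IDs that have no
    FixedVersion, i.e. cannot be remediated by a package upgrade alone.
    Targets without findings omit the list keys, so every lookup uses a default.
    """
    report = json.loads(report_json)
    summary = empty_summary()
    unfixed = []
    for result in report.get("Results", []):
        for v in result.get("Vulnerabilities") or []:
            summary["vulnerabilities"][v["Severity"]] += 1
            if not v.get("FixedVersion"):
                unfixed.append(v["VulnerabilityID"])
        for m in result.get("Misconfigurations") or []:
            # Trivy can also list passing checks (Status PASS); only failed checks count.
            if m.get("Status", "FAIL") == "FAIL":
                summary["misconfigurations"][m["Severity"]] += 1
        for s in result.get("Secrets") or []:
            summary["secrets"][s["Severity"]] += 1
    return summary, unfixed


def overall_status(summary, fail_at="HIGH", block_on_secrets=True):
    """Assumed gating policy for illustration only; SSD's own scoring rules are
    not described on this page. FAIL if any vulnerability or failed
    misconfiguration is at or above `fail_at`, or if any secret was found and
    block_on_secrets is set; otherwise PASS."""
    threshold = SEVERITY_RANK[fail_at]
    for category in ("vulnerabilities", "misconfigurations"):
        for severity, count in summary[category].items():
            if count and SEVERITY_RANK.get(severity, 0) >= threshold:
                return "FAIL"
    if block_on_secrets and sum(summary["secrets"].values()) > 0:
        return "FAIL"
    return "PASS"


if __name__ == "__main__":
    summary, unfixed = summarize(SAMPLE_REPORT)
    for category, counts in summary.items():
        print(f"{category:18s} {dict(counts)}")
    print("unfixed:", unfixed)
    print("status:", overall_status(summary))
```

A real report can be produced with `trivy image --format json --output report.json <image>` and its contents passed to `summarize()`. The `unfixed` list is the part worth watching during remediation: a finding with no `FixedVersion` cannot be cleared by bumping the package, so it needs a base-image change or a documented exception rather than another rebuild.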

Trivy is integrated as part of SSD; you only need to enable or disable it as required.

To Manage Trivy:

  1. Navigate to Config > Integrations.

  2. In the Artifact panel, click Trivy. The Trivy integration page is displayed.

  3. Enable the Vulnerability Scan and Helm Scan toggle buttons.

  4. Click Save. The tool is connected.

To change the settings later, click the Edit option, enable or disable the Vulnerability Scan and Helm Scan toggle buttons, and click Update. The new setting takes effect.
