Install Trivy Check Vulnerability Container Docker di Linux

  • Whatsapp

Diposting kali ini, akan mengenalkan software trivy sebagai tools untuk pengecekan dan analisa vulnerability yang terdapat pada container docker dengan kelebihan pengecekan seperti OS Package (Alpine, RHEL, Centos, Debian, Ubuntu, Amzon dan Distroless) dan Library Package. Berikut tahapan installasi pada Ubuntu dan RHEL/Centos serta pemakaian secara default.

Install Trivy on Ubuntu

sudo sudo apt-get install wget apt-transport-https gnupg lsb-release
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -

 

echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update
sudo apt-get install trivy

Install Trivy on RHEL/Centos

sudo vim /etc/yum.repos.d/trivy.repo

 

[trivy]
name=Trivy repository
baseurl=https://aquasecurity.github.io/trivy-repo/rpm/releases/$releasever/$basearch/
gpgcheck=0
enabled=1

 

sudo yum -y update
sudo yum -y install trivy

 

Usage Trivy

trivy name_docker_image
Example trivy tomcat:8

 

Link Referensi : https://github.com/aquasecurity/trivy#installation

Pos terkait

Tinggalkan Balasan

Alamat email Anda tidak akan dipublikasikan. Ruas yang wajib ditandai *

This site uses Akismet to reduce spam. Learn how your comment data is processed.