=================
What is Trivy?
=================

=> Trivy stands for "A Simple and Comprehensive Vulnerability Scanner"
=> It is developed by Aqua Security
=> It is used to scan:
   1) Docker images
   2) File systems
   3) Git repositories
   4) Kubernetes manifest YAMLs
   5) Terraform scripts

#### Trivy Use Cases in DevOps:
   1) Ensure security before deployment
   2) Integrate with CI/CD pipelines

=======================
Installing Trivy
=======================

Step-1 : Create a Linux VM with an Ubuntu AMI

Step-2 : Connect to the Linux VM and execute the script below

   sudo apt update -y
   curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b /usr/local/bin

Step-3 : Test the installation

   trivy --version

=======================
Scanning Docker Images
=======================

Syntax : $ trivy image <image-name>

Ex: $ trivy image nginx:latest

// Filter by severity
$ trivy image --severity HIGH,CRITICAL nginx:latest

// Save output to a file
$ trivy image nginx:latest > report.txt

=================================
Scanning File Systems/Directories
=================================

$ trivy fs /path/of/dir/

=> Use this for scanning source code folders

==================================
Scanning Kubernetes YAML
==================================

$ trivy config deployment.yml

=> Detects misconfigurations in the Kubernetes YAML file

=============================
Scanning GitHub Repositories
=============================

$ trivy repo https://github.com/ashokitschool/maven-web-app.git

=> Scans remote repositories
=> Checks for vulnerabilities in dependency files like package.json, pom.xml, requirements.txt
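The notes above list the individual commands; the piece a pipeline actually needs is a gate that turns a scan into a pass/fail decision. The script below is an added example, not part of the original notes or of the Trivy project: it wraps `trivy image` and `trivy fs` with `--exit-code 1` so that HIGH/CRITICAL findings block the build, writes a JSON report for later review, and maps the exit code to a verdict. It assumes trivy is installed as in the install step; `TRIVY_BIN` is a hypothetical override variable introduced here only so the wrapper can be exercised without a real scanner.

```shell
#!/bin/sh
# Added example: a CI/CD gate around Trivy (not from the original notes).
# Assumes trivy is on PATH. TRIVY_BIN is a hypothetical override used for testing.
set -u

# Scan a container image and fail (exit 1) when HIGH/CRITICAL findings exist.
# $1 = image reference, $2 = JSON report path (default trivy-report.json).
# Returns trivy's exit code: 0 = clean, 1 = findings above threshold, other = scanner error.
trivy_image_gate() {
  image=$1
  report=${2:-trivy-report.json}
  "${TRIVY_BIN:-trivy}" image \
    --severity HIGH,CRITICAL \
    --ignore-unfixed \
    --exit-code 1 \
    --no-progress \
    --format json \
    --output "$report" \
    "$image"
}

# Same gate for a source tree: lockfile vulnerabilities plus IaC/K8s misconfigurations.
# Scanner names follow current Trivy releases (older ones spelled the misconfig scanner "config").
trivy_fs_gate() {
  dir=$1
  "${TRIVY_BIN:-trivy}" fs \
    --scanners vuln,misconfig \
    --severity HIGH,CRITICAL \
    --exit-code 1 \
    --no-progress \
    "$dir"
}

# Turn the scanner exit code into a pipeline decision string.
gate_verdict() {
  case $1 in
    0) echo "PASS: no HIGH/CRITICAL findings" ;;
    1) echo "FAIL: HIGH/CRITICAL findings present, blocking deployment" ;;
    *) echo "ERROR: scanner did not complete (exit $1)" ;;
  esac
}

# Usage: ./gate.sh nginx:latest   (only runs when an image is given on the command line)
if [ "${1:-}" != "" ]; then
  rc=0
  trivy_image_gate "$1" || rc=$?
  gate_verdict "$rc"
  exit "$rc"
fi
```

Two design choices worth knowing about: `--ignore-unfixed` keeps the gate from failing on findings the distro has not patched yet, which reduces noise but also hides real risk, so drop it for images that ship to hardened environments; and `--output` writes the report to a file without relying on the shell redirect in the notes, which would otherwise mix progress output into report.txt. Any exit code other than 0 or 1 means the scan itself failed (no network, bad image name) and should not be treated as a clean result.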