Cloud Security: Container image and IaC scanning with Trivy
If you are using other people's resources -- container images, git repositories, or infrastructure configurations such as Dockerfile or Kubernetes Manifests -- you want to check those for vulnerabilities and misconfigurations.
In this video, I am introducing you to Trivy -- EVERY developer can get started with Trivy in minutes.
📚 Resources
✨Trivy Repository https://github.com/aquasecurity/trivy
✨Trivy Documentation https://aquasecurity.github.io/trivy/
✨Join the Aqua Slack channel if you have any questions https://slack.aquasec.com
⌚Timestamps⌚
00:00 - Intro Overview
00:55 - Our Application lifecycle
02:01 - The Trivy Repo and Docs
02:42 - Container Image Scanning
06:23 - Scan Git Repo for vulnerabilities
07:09 - Scan Kubernetes Manifests
07:37 - Scan Terraform configuration
08:33 - Scan Filesystems
09:31 - Outro
