Container vulnerability scanning with Trivy

Cloud Native DC

Aug 10, 2021, 10:00 – 11:00 PM

Virtual event

About this event

With unrelenting attacks from malicious hackers on business critical software and infrastructure, the "Shift-left" approach for security testing has gained substantial momentum in the enterprises. The recommended approach for an improved security posture is to test early and test often. 

Trivy is an open-source vulnerability scanning tools - or a CLI utility - that can easily integrate into the development inner-loop and in the continuous integration (CI) pipeline. It looks for known vulnerabilities in target operating-system and third-party application dependencies and categorically displays the results.  

In this meetup, Faheem, Principal DevOps Architect @ Amobee Inc, will review and demonstrate how Trivy works from the CLI and a Jenkins Pipeline.


  • Faheem Memon

    Freewheel / Comcast

    Principal Engineer


  • Faheem Memon

    Freewheel / Comcast

    Principal Engineer

  • Matthew Cascio

    American Red Cross

    Governance & Strategy | CNCF Ambassador