Found 35 repositories (showing 30)
Chitraksh09error
Step-by-step process to install Trivy and scan an image using Trivy for checking Docker images for known vulnerabilities (CVEs) before deployment.
onzack
Scan a list of container images using Aqua Security's trivy CLI tool
rakanbakir
A unified web platform for container vulnerability scanning using Grype and Trivy. ContainerGuard provides a seamless interface for analyzing Docker container images and generates comprehensive PDF security reports.
maniSbindra
Scans container base images nightly for vulnerabilities using Syft and Trivy, stores results in SQLite, and generates daily security recommendations ranked by language.
No description available
Git-PrinceNagar
Container image vulnerability scanning, security policies, and automated compliance checks using Trivy and Snyk
pintuyadav5468
DevSecOps CI/CD pipeline with automated container security scanning using GitHub Actions, Docker, and Trivy.
hackyshadab
Enterprise-grade secure container deployment using Kubernetes, GitOps (ArgoCD), image scanning (Trivy), signing (Cosign), and runtime security (Falco).
Claret-cyber
Container security assessment of OWASP Juice Shop using Trivy. Includes scan results, vulnerabilities, and lessons learned.
ahmed230104036
Build a complete container security scanning platform, which analyzes Docker images for known CVEs (Common Vulnerabilities and Exposures) using Trivy.
neeha-devops
Container security using Trivy to scan, analyze, and remediate vulnerabilities in Docker images with hardened image comparison and CI/CD security checks.
prashik56fulkamble
Python-based container security orchestrator that scans Docker images using Trivy, aggregates vulnerability reports, and integrates with CI/CD pipelines.
fatima09090
Demonstration of how to scan Docker images and configuration files for vulnerabilities and security flaws using Trivy — an open-source container security tool from Aqua Security.
cloudwithpavan
Production-grade DevOps CI/CD pipeline using GitHub Actions, Terraform, Docker, and Azure Container Apps with Blue-Green deployment, security scanning (Trivy), and Azure Monitor observability.
ashhadali10
Enterprise-grade DevSecOps pipeline implementing Shift-Left Security. Automated SAST, SCA, and Container Scanning using GitHub Actions, Semgrep, Trivy, and pip-audit. Built for secure SDLC.
robertpreshyl
Software Composition Analysis (SCA) security lab using Trivy. Scanned 1,640+ vulnerabilities in Docker images. Demonstrates container security expertise with vulnerability analysis and remediation guides.
sdm06
A DevSecOps CI/CD pipeline implementation using Jenkins, Docker-in-Docker, and Trivy. Automates container security auditing by scanning images for CVEs and enforcing build failure on critical vulnerabilities.
Automates container image security scanning in a GitLab CI/CD pipeline using Trivy. Builds Docker images, scans for vulnerabilities, and enforces quality gates by failing the pipeline on high or critical issues. Integrates security early in development.
Integrated security scanning tools into the CI/CD pipeline to enforce security checks on code, containers, and dependencies. Automated code quality checks and vulnerability assessments using SonarQube, Trivy, and Snyk. Achieved 100% security policy compliance across all pipelines.
Papazinmakinesi
Full-stack DevSecOps showcase using FastAPI and React with automated security testing: Bandit SAST, OWASP ZAP DAST, Trivy container scan, pip-audit, and GitHub Actions CI.
alextpopa
End-to-end DevSecOps CI/CD pipeline implementing Shift-Left security principles. Features automated container image scanning, Policy-as-Code enforcement, and real-time threat detection using Trivy, GitHub Actions, and Kyverno.
karthick0810
A complete Azure DevSecOps pipeline integrating Terraform-based cloud infrastructure, secure CI/CD workflows, container image scanning, Kubernetes configuration scanning, and automated Helm deployments to AKS. Includes Trivy security scans, SonarQube code analysis, AKS deployment models, and environment-based delivery using Azure DevOps.
thenmozhitn49-ui
A simple DevSecOps project using GitHub Actions. The pipeline runs CodeQL (SAST), Gitleaks (secrets scan), and Trivy (container scan) on every push and pull request. Helps enforce secure code delivery with automated security checks.
N4ncys
Secure AKS deployment on Azure using Terraform — private cluster, Calico network policies, Kubernetes RBAC, Workload Identity, Pod Security Standards, Microsoft Defender for Containers, and a GitHub Actions CI/CD pipeline with Trivy image scanning.
Ayoub-glitsh
devsecops-react-project is a secure web application built with React and TypeScript, implementing a DevSecOps CI/CD pipeline using GitHub Actions, Docker, Semgrep, and Trivy. It demonstrates automated security testing, container scanning, and security gates integrated into the development lifecycle.
TJACKSON141
Automated GitOps CI/CD pipeline using GitHub Actions, Terraform, Docker, Trivy, and AWS ECS. Includes secure AWS OIDC authentication, infrastructure deployment, container delivery, security scanning, and an AI-powered pull request reviewer using Bedrock/OpenAI for intelligent code feedback.
destro99912
End-to-end security audit and final deployment project demonstrating real-world web application penetration testing, container security scanning, API hardening, and remediation using Nikto, OWASP ZAP, Burp Suite (manual testing), Trivy, and secure deployment best practices with full documentation and evidence.
Nisha318
Automated container image scanning pipeline using GitHub Actions and Trivy. Builds Docker images, enforces a High/Critical vulnerability gate, and generates HTML reports, SBOMs, and SAST findings. Demonstrates DevSecOps, supply chain security, and CI-based risk controls.
miriam-sandbox
Deploy containerized application to EC2 VM using GitHub Actions. A step-by-step guide to automating container builds, security scans, and deployments with GitHub Actions, AWS ECR, OIDC, Docker, SonarQube and Trivy.
mohammad-asif-parimoo
🚀 This project implements a DevOps pipeline for a Netflix clone using Docker for containerization, Jenkins for CI automation, SonarQube, Trivy, and OWASP for security scanning, and Prometheus, Grafana, and Node Exporter for monitoring. It ensures automated, secure deployments on Docker containers.