GitHub

Trivy IOC Scanner

Binary & hash scanning Trivy executables on the filesystem matching any of the 10 known malicious SHA256 hashes for v0.69.4, or binaries self-reporting that version GitHub Actions run log audit ...
GitHub

Trivy Action

In this case trivy.yaml is a YAML configuration that is checked in as part of the repo. Detailed information is available on the Trivy website but an example is as follows: It uses actions/cache under ...
InfoWorld

Integrate security into CI/CD with the Trivy scanner

Open source Trivy plugs into the software build process and scans container images and infrastructure-as-code files for vulnerabilities and misconfigurations. Attacks on cloud-native infrastructures ...