Adopt
Trivy is an open-source vulnerability scanner for containers and other targets. It utilizes an extensive vulnerability database to scan for CVEs, software dependencies in use and common misconfigurations.
Trivy is lightweight and has no external dependencies, making it suitable for use in CI/CD pipelines. Additionally, it can support developers by providing actionable remediation advice, making it easier to fix vulnerabilities.
As it has proven to be a good fit for both our needs and into our development pipelines, we strongly recommend to give it a try in your own projects.