Trivy Operator

Kubernetes-native security toolkit
Alternatives To Trivy Operator
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Portainer24,9211a day ago78April 21, 20211,080zlibGo
Making Docker and Kubernetes management easy.
Trivy16,6472513 hours ago176September 16, 2022382apache-2.0Go
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Authelia15,809118 hours ago34September 19, 2022104apache-2.0Go
The Single Sign-On Multi-Factor portal for web apps
Vitess15,766667 hours ago397September 01, 2022816apache-2.0Go
Vitess is a database clustering system for horizontal scaling of MySQL.
Cilium14,7151512 hours ago547September 14, 20221,106apache-2.0Go
eBPF-based Networking, Security, and Observability
Teleport13,982612 hours ago252July 29, 20212,412apache-2.0Go
The easiest, most secure way to access infrastructure.
Linkerd29,4311118 hours ago108March 23, 2022273apache-2.0Go
Ultralight, security-first service mesh for Kubernetes. Main repo for Linkerd 2.x.
Kubescape8,112212 hours ago142September 19, 202274apache-2.0Go
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
Devops Resources6,520
2 months ago10Groovy
DevOps resources - Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP
12 hours ago64September 20, 2022140otherGo
Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
Alternatives To Trivy Operator
Select To Compare

Alternative Project Comparisons

Trivy-operator logo

Kubernetes-native security toolkit. (Documentation)

GitHub Release Build Action Release snapshot Action Go Report Card License GitHub All Releases Docker Pulls Trivy-operator Artifact Hub


There are lots of security tools in the cloud native world, created by Aqua and by others, for identifying and informing users about security issues in Kubernetes workloads and infrastructure components. However powerful and useful they might be, they tend to sit alongside Kubernetes, with each new product requiring users to learn a separate set of commands and installation steps in order to operate them and find critical security information.

The Trivy-Operator leverages trivy security tools by incorporating their outputs into Kubernetes CRDs (Custom Resource Definitions) and from there, making security reports accessible through the Kubernetes API. This way users can find and view the risks that relate to different resources in what we call a Kubernetes-native way.

The Trivy operator automatically updates security reports in response to workload and other changes on a Kubernetes cluster, generating the following reports:

  • Vulnerability Scans: Automated vulnerability scanning for Kubernetes workloads.
  • ConfigAudit Scans: Automated configuration audits for Kubernetes resources with predefined rules or custom Open Policy Agent (OPA) policies.
  • Exposed Secret Scans: Automated secret scans which find and detail the location of exposed Secrets within your cluster.
  • RBAC scans: Role Based Access Control scans provide detailed information on the access rights of the different resources installed.
  • K8s core component infra assessment scan Kubernetes infra core components (etcd,apiserver,scheduler,controller-manager and etc) setting and configuration.
  • Compliance reports
    • NSA, CISA Kubernetes Hardening Guidance v1.1 cybersecurity technical report is produced.
    • CIS Kubernetes Benchmark v1.23 cybersecurity technical report is produced.
    • Kubernetes pss-baseline, Pod Security Standards
    • Kubernetes pss-restricted, Pod Security Standards

Trivy-operator Overview

_Please star the repo if you want us to continue developing and improving trivy-operator! _


Although we are trying to keep new releases backward compatible with previous versions, this project is still incubating, and some APIs and Custom Resource Definitions may change.


The official Documentation provides detailed installation, configuration, troubleshooting, and quick start guides.

You can install the Trivy-operator Operator with Static YAML Manifests and follow the Getting Started guide to see how vulnerability and configuration audit reports are generated automatically.


At this early stage we would love your feedback on the overall concept of Trivy-Operator. Over time, we'd love to see contributions integrating different security tools so that users can access security information in standard, Kubernetes-native ways.

  • See Contributing for information about setting up your development environment, and the contribution workflow that we expect.
  • Please ensure that you are following our Code Of Conduct during any interaction with the Aqua projects and their community.

Trivy-Operator is an Aqua Security open source project.
Learn about our Open Source Work and Portfolio.
Join the community, and talk to us about any matter in GitHub Discussions or Slack.

Popular Security Projects
Popular Kubernetes Projects
Popular Security Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Security Tools
Cloud Native
Vulnerability Scanners
Vulnerability Detection