Trivy

AWS Azure Security 2 variations

Trivy security scanner with an offline vulnerability database, ready to scan on your first command.

Base
Hardened build
minimal ports, security patches applied at build time
Access
Unique credentials
generated on first boot, readable only by root
Verified
Boots working
services pass a health gate before release
Support
24/7, 365 days
by email and live chat, 24 hour response SLA

Variations

Choose the operating system, cloud and version you need. Every variation is the same hardened Trivy image, built and supported by cloudimg.

ProductCloudOperating systemVersion
Trivy Security Scanner AWS Standard View · Guide
Trivy on Ubuntu 24.04 LTS Azure Ubuntu 24.04 Standard View · Guide

Overview

Trivy is an open source security scanner from Aqua Security that finds vulnerabilities, misconfigurations, secrets and software bill of materials issues. From a single binary it scans container images, filesystems, Git repositories, infrastructure as code, Kubernetes manifests and more.

Why the cloudimg image

The cloudimg image is hardened and fully patched with Trivy preinstalled, its binary checksum verified against the official release and the full vulnerability database preloaded on a dedicated resizable data disk, so scans run immediately and work in air gapped environments. Every instance is backed by 24/7 cloudimg support for CI integration, severity gating and policy configuration.

Common uses

  • Container image scanning
  • Infrastructure as code scanning
  • Air gapped vulnerability scanning