Pre-configured Trivy security scanner with offline vulnerability database - scan containers, IaC, and repos instantly via SSH with no setup. 24/7 cloudimg support included.
Real screenshots of this software running on the cloudimg image, taken while testing the deployment guide.
This is a repackaged open source software product wherein additional charges apply for cloudimg support services.
## Overview
Trivy is the open source, Apache-2.0 licensed all-in-one security scanner from Aqua Security. It finds known vulnerabilities (CVEs) in operating system packages and language dependencies, detects infrastructure-as-code and Kubernetes misconfigurations, surfaces hard-coded secrets, and generates and scans software bills of materials (SBOMs). This AMI delivers Trivy fully installed and configured as a ready-to-use scanning workstation - SSH in and start scanning immediately with no setup required.
## Why Choose This AMI Over Self-Installation
Deploying Trivy from scratch requires installing the binary, downloading the multi-gigabyte vulnerability database, configuring cache paths, and verifying checksums. This AMI eliminates that entire workflow:
## All-In-One Security Scanning
## Getting Started
1. Launch the AMI on your preferred EC2 instance type
2. Connect over SSH using your key pair
3. Run `trivy image
4. Review results immediately - the pre-loaded database means no download wait
5. Refresh the database at any time with `trivy image --download-db-only` or let Trivy auto-update on its normal schedule
## Security Practices
The Trivy binary is verified against the official release checksum during the AMI build process. The vulnerability database resides on a dedicated EBS data disk that supports AWS encryption at rest. SSH access uses key-based authentication. All scanning is performed locally on the instance - no scan data leaves your environment unless you explicitly configure external reporting.
## Use Cases
## cloudimg Support
24/7 technical support by email and live chat covers scan configuration, severity gating and exit codes, ignore policies, SBOM generation, IaC and Kubernetes misconfiguration scanning, database refresh and air-gapped operation, and CI integration. Critical issues receive a one-hour average response.
## Next Steps
Contact support@cloudimg.co.uk to request a sample scan report, schedule a CI integration walkthrough, or ask any pre-purchase questions about the product.
All product and company names are trademarks or registered trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.