Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

Aqua’s Trivy Now Available as a GitHub Action

Aqua Security, the pure-play cloud native security leader, announced that Aqua’s open source Trivy vulnerability scanner is now available as an Aqua Security Trivy GitHub Action. The action integrates with GitHub code scanning so developers can build container image scanning into their GitHub Actions workflow to find and eliminate vulnerabilities before they reach production.

“Code scanning was purpose-built with extensibility in mind,” said John Leon, VP of Business Development at GitHub. “We continue to expand our security ecosystem with solutions like Aqua, so developers can work with the security scanning technologies they want, all within the GitHub-native experience they love. Together, we’re making security easier for everyone.”

Recommended AI News: Snowflake Launches Snowflake Partner Network To Expand Partner Offering And Commitment To The Ecosystem

GitHub code scanning integrates with GitHub Actions or users’ existing CI/CD environments and scans code as it’s created, surfacing actionable security reviews within pull requests and other GitHub experiences.

Related Posts
1 of 15,643

The Aqua Security Trivy Action integration finds vulnerabilities (CVEs) in the OS package dependencies and language libraries built into a container image. Developers must avoid deploying images that might harbor significant CVEs that attackers can exploit. The Trivy Action alerts developers to known CVEs via the GitHub user interface to quickly and easily update these dependencies and eliminate the risk.

Recommended AI News: Siemens Adds Modern Cloud PLM To Xcelerator Portfolio With New SaaS Offering

The Trivy Action generates output in a format called SARIF that GitHub supports for ingesting security information. The output from an image scan appears right in the GitHub code scanning UI, specifically under a project repository’s Security tab.

“Developers are moving more applications into production, so we’re focused on helping them build securely without slowing down innovation,” said Liz Rice, VP of Open Source Engineering at Aqua. “The new Aqua Security Trivy GitHub Action brings container security scanning right into the GitHub interface that developers know and love.”

Recommended AI News: KidneyIntelX Receives New York State Approval To Commence Commercial Testing

Leave A Reply

Your email address will not be published.