New: AI agents can shop on Cubbie Read →

Open-source vulnerability scanner from Aqua Security that finds CVEs in container images, IaC, and Git repositories.

Pricing

Free open source

Founded

2019

Team size

501-1,000 employees

Headquarters

Burlington, MA

Aqua Trivy preview

Preview from aquasec.com/products/trivy

At a glance

Best for

DevOps Engineers, Security Engineer

Pricing model

Free

Try before you buy

Free plan

Integrates with

GitLab Container ScanningGitHub ActionsKubernetes (Helm chart, Starboard dashboard)Harbor RegistryArtifact Hub+5

About Aqua Trivy

Aqua Trivy is an open-source security scanner for container images, filesystems, Git repositories, Kubernetes, and IaC, detecting known vulnerabilities (CVEs), misconfigurations, secrets, and SBOM issues. Widely embedded in CI/CD pipelines, it is used by developers and platform teams for shift-left security. The tool is free; Aqua's commercial enterprise platform is sold separately.

Procurement & Fit

Structured facts from the vendor to help your security, finance, and procurement reviews move faster.

Trust

Security & compliance

The vendor hasn’t added security or compliance details yet.

Pricing

Commercial model

Pricing model: Free

Free trial: No

Free plan: Yes

Contract minimum: Not specified

Procurement

Purchasing & legal

The vendor hasn’t added purchasing & legal details yet.

Fit

Best-fit company size

Company-size fit has not been specified yet.

Buyer Fit & Positioning

Implementation & Procurement

Commercial Fit & Ecosystem

Proof, Outcomes & Momentum

Alternatives, Migration & Buyer Objections