Skip to content

Trivy

Trivy

Vulnerability scanner for containers/images. Installs CLI for SBOM and vuln. checks.

Lab Environment Only

This tool is intended for ephemeral, short-lived lab environments and is not hardened for production use.

System Requirements

This script is designed for Ubuntu LTS and derivatives (Linux Mint, Pop!_OS). Other distributions (RHEL, Fedora, Debian, ARM) are not supported.

Installation Command

curl -sL https://raw.githubusercontent.com/ibtisam-iq/infra-bootstrap/main/scripts/components/trivy-setup.sh | sudo bash

What It Installs

  • Trivy CLI (latest).
  • Binary in PATH.

Verify

trivy version  # e.g., Version: 0.48.x
trivy image alpine:latest  # Test scan

Post-Installation Verification

After installation completes, it is recommended to:

  1. Validate the installed version
  2. Ensure the service is running (if applicable)
  3. Confirm CLI availability
  4. Run a basic operational command

Official Docs: aquasecurity.github.io/trivy

Last update: January 21, 2026 11:27:57 PM