🍺 BREW Explorer

← all formulae

trivy

brew install trivy v0.71.2 Apache-2.0

Vulnerability scanner for container images, filesystems, Git repos, and Kubernetes in Go.

Why you might care

Detects known vulnerabilities, misconfigurations, secrets, and Software Bill of Materials (SBOM) in Docker/OCI images and infrastructure code. Single-binary CLI designed for CI/CD integration and local scanning; faster and more comprehensive than many alternatives due to offline-first vulnerability database and minimal setup.

Categories

security scanner container-runtime

Alternatives

Anchore Grype Snyk Clair Aqua Microscanner
13.3k
30-day installs · #308
32.4k
90-day · #375
133.3k
365-day · #356

Build dependencies

go

Links

Blurb generated by claude-haiku-4-5 on today.

Raw metadata 
{
  "aliases": [],
  "alternatives": [
    "Anchore Grype",
    "Snyk",
    "Clair",
    "Aqua Microscanner"
  ],
  "build_dependencies": [
    "go"
  ],
  "categories": [
    "security",
    "scanner",
    "container-runtime"
  ],
  "caveats": null,
  "conflicts_with": [],
  "dependencies": [],
  "deprecated": 0,
  "deprecation_reason": null,
  "desc": "Vulnerability scanner for container images, file systems, and Git repos",
  "disable_reason": null,
  "disabled": 0,
  "enrichment_fetched_at": "2026-06-20T23:40:48+00:00",
  "first_seen": "2026-06-20T23:34:18+00:00",
  "full_name": "trivy",
  "github_default_branch": null,
  "github_last_commit_at": null,
  "github_readme_excerpt": null,
  "github_repo": null,
  "github_stars": null,
  "github_topics": [],
  "homepage": "https://trivy.dev/",
  "homepage_og_description": "Trivy is the most popular open source security scanner for Vulnerability \u0026, IaC, SBOM discovery, cloud scanning and Kubernetes security",
  "homepage_og_image": "assets/images/trivy-horizontal-featured-image.png",
  "homepage_title": "Trivy",
  "installs_30d": 13262,
  "installs_365d": 133263,
  "installs_90d": 32376,
  "keg_only": 0,
  "keg_only_reason": null,
  "last_seen": "2026-06-20T23:34:18+00:00",
  "license": "Apache-2.0",
  "llm_generated_at": "2026-06-20T23:44:03+00:00",
  "llm_model": "claude-haiku-4-5",
  "name": "trivy",
  "oldnames": [],
  "one_liner": "Vulnerability scanner for container images, filesystems, Git repos, and Kubernetes in Go.",
  "optional_dependencies": [],
  "rank_30d": 308,
  "rank_365d": 356,
  "rank_90d": 375,
  "raw_hash": "9baecda9e26ae8ea",
  "recommended_dependencies": [],
  "revision": 0,
  "ruby_source_path": "Formula/t/trivy.rb",
  "tap": "homebrew/core",
  "test_dependencies": [],
  "uses_from_macos": [],
  "version_head": "HEAD",
  "version_stable": "0.71.2",
  "versioned_formulae": [],
  "why_use_this": "Detects known vulnerabilities, misconfigurations, secrets, and Software Bill of Materials (SBOM) in Docker/OCI images and infrastructure code. Single-binary CLI designed for CI/CD integration and local scanning; faster and more comprehensive than many alternatives due to offline-first vulnerability database and minimal setup."
}