wonderful explanation , i love this tool trivy , have been using it from more than a year in our CICD pipelines , it really helped us during the log4j zero-day vulnerability ,
That's a good introduction. Has the team at Aqua thought about putting out some broader information around how to incorporate the SBOM into a system to manage / consume the SBOM data?
As far as I know (Anais from the video), we are going to publish more detailed content on how to generate SBOMs within Aqua and "what to do with your SBOMs" -- keep an eye out for those on the Aqua blog ☺
Heya, yes, however the command changed -- the details are specified in our previous release github.com/aquasecurity/trivy/discussions/2523 basically, you now have to write something like trivy image --format cyclonedx alpine:3.15
wonderful explanation , i love this tool trivy , have been using it from more than a year in our CICD pipelines , it really helped us during the log4j zero-day vulnerability ,
Great demo!
Vex next?
That's a good introduction. Has the team at Aqua thought about putting out some broader information around how to incorporate the SBOM into a system to manage / consume the SBOM data?
As far as I know (Anais from the video), we are going to publish more detailed content on how to generate SBOMs within Aqua and "what to do with your SBOMs" -- keep an eye out for those on the Aqua blog ☺
Howdy, is this feature still there?
Heya, yes, however the command changed -- the details are specified in our previous release github.com/aquasecurity/trivy/discussions/2523 basically, you now have to write something like trivy image --format cyclonedx alpine:3.15
@@AquaSecOSS Thank you