{"id":3693,"date":"2025-12-05T08:05:32","date_gmt":"2025-12-05T05:05:32","guid":{"rendered":"https:\/\/dockerhosting.ru\/blog\/?p=3693"},"modified":"2025-12-05T08:05:35","modified_gmt":"2025-12-05T05:05:35","slug":"trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu","status":"publish","type":"post","link":"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/","title":{"rendered":"Trivy \u2014 \u043f\u043e\u043b\u043d\u043e\u0435 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 2025 \u0433\u043e\u0434\u0443"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><strong>Trivy<\/strong>&nbsp;\u2014 \u044d\u0442\u043e \u043c\u043e\u0449\u043d\u044b\u0439 open-source \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043e\u0442 Aqua Security, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u043a\u0443\u043d\u0434 \u043d\u0430\u0445\u043e\u0434\u0438\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Docker-\u043e\u0431\u0440\u0430\u0437\u0430\u0445, \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u0430\u0445 \u0438 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 \u043a\u043e\u0434\u0430. 
\u0412 \u044d\u0442\u043e\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u043c \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u0435 \u0440\u0430\u0437\u0431\u0435\u0440\u0451\u043c, \u043f\u043e\u0447\u0435\u043c\u0443 Trivy \u0441\u0442\u0430\u043b \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043e\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432, \u043a\u0430\u043a \u0435\u0433\u043e \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c, \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0438 \u0432\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0432 \u0432\u0430\u0448 CI\/CD pipeline.<\/p>\n<\/blockquote>\n\n\n\n
href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#%D0%9F%D1%80%D0%B8%D0%BC%D0%B5%D1%80_3_%D0%A1%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D0%B2%D1%81%D0%B5%D1%85_%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2_%D0%B2_registry\" title=\"\u041f\u0440\u0438\u043c\u0435\u0440 3: \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0441\u0435\u0445 \u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 registry\">\u041f\u0440\u0438\u043c\u0435\u0440 3: \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0441\u0435\u0445 \u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 registry<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-55\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#%D0%9F%D1%80%D0%B8%D0%BC%D0%B5%D1%80_4_%D0%98%D0%BD%D1%82%D0%B5%D0%B3%D1%80%D0%B0%D1%86%D0%B8%D1%8F_%D1%81_%D0%BC%D0%BE%D0%BD%D0%B8%D1%82%D0%BE%D1%80%D0%B8%D0%BD%D0%B3%D0%BE%D0%BC\" title=\"\u041f\u0440\u0438\u043c\u0435\u0440 4: \u0418\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044f \u0441 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u043e\u043c\">\u041f\u0440\u0438\u043c\u0435\u0440 4: \u0418\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044f \u0441 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u043e\u043c<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-56\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#%D0%9E%D0%BF%D1%82%D0%B8%D0%BC%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F_%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8\" title=\"\u041e\u043f\u0442\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044f 
\u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438\">\u041e\u043f\u0442\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-57\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#1_%D0%98%D1%81%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D0%BA%D1%8D%D1%88%D0%B0\" title=\"1. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u044d\u0448\u0430\">1. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u044d\u0448\u0430<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-58\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#2_%D0%9F%D0%B0%D1%80%D0%B0%D0%BB%D0%BB%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5\" title=\"2. \u041f\u0430\u0440\u0430\u043b\u043b\u0435\u043b\u044c\u043d\u043e\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\">2. \u041f\u0430\u0440\u0430\u043b\u043b\u0435\u043b\u044c\u043d\u043e\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-59\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#3_%D0%A1%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE_%D0%B8%D0%B7%D0%BC%D0%B5%D0%BD%D1%91%D0%BD%D0%BD%D1%8B%D1%85_%D1%81%D0%BB%D0%BE%D1%91%D0%B2\" title=\"3. 
\u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0438\u0437\u043c\u0435\u043d\u0451\u043d\u043d\u044b\u0445 \u0441\u043b\u043e\u0451\u0432\">3. \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0438\u0437\u043c\u0435\u043d\u0451\u043d\u043d\u044b\u0445 \u0441\u043b\u043e\u0451\u0432<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-60\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#4_%D0%98%D1%81%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D0%BB%D0%BE%D0%BA%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B9_%D0%B1%D0%B0%D0%B7%D1%8B_%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85\" title=\"4. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445\">4. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-61\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#5_%D0%9E%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD%D0%B8%D0%B5_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D1%83%D0%B5%D0%BC%D1%8B%D1%85_%D0%BF%D0%B0%D0%BA%D0%B5%D1%82%D0%BD%D1%8B%D1%85_%D0%BC%D0%B5%D0%BD%D0%B5%D0%B4%D0%B6%D0%B5%D1%80%D0%BE%D0%B2\" title=\"5. \u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043d\u044b\u0445 \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u043e\u0432\">5. 
\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043d\u044b\u0445 \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u043e\u0432<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-62\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#%D0%A7%D0%B0%D1%81%D1%82%D0%BE_%D0%B7%D0%B0%D0%B4%D0%B0%D0%B2%D0%B0%D0%B5%D0%BC%D1%8B%D0%B5_%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D1%8B_FAQ\" title=\"\u0427\u0430\u0441\u0442\u043e \u0437\u0430\u0434\u0430\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u043e\u043f\u0440\u043e\u0441\u044b (FAQ)\">\u0427\u0430\u0441\u0442\u043e \u0437\u0430\u0434\u0430\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u043e\u043f\u0440\u043e\u0441\u044b (FAQ)<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-63\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#Q1_%D0%9A%D0%B0%D0%BA_%D1%87%D0%B0%D1%81%D1%82%D0%BE_%D0%BD%D1%83%D0%B6%D0%BD%D0%BE_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C_%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D1%8B\" title=\"Q1: \u041a\u0430\u043a \u0447\u0430\u0441\u0442\u043e \u043d\u0443\u0436\u043d\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043e\u0431\u0440\u0430\u0437\u044b?\">Q1: \u041a\u0430\u043a \u0447\u0430\u0441\u0442\u043e \u043d\u0443\u0436\u043d\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043e\u0431\u0440\u0430\u0437\u044b?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-64\" 
href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#Q2_Trivy_%D0%BD%D0%B0%D1%85%D0%BE%D0%B4%D0%B8%D1%82_%D1%83%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B8_%D0%BD%D0%BE_%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9_%D0%BD%D0%B5%D1%82_%D0%A7%D1%82%D0%BE_%D0%B4%D0%B5%D0%BB%D0%B0%D1%82%D1%8C\" title=\"Q2: Trivy \u043d\u0430\u0445\u043e\u0434\u0438\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u043d\u0435\u0442. \u0427\u0442\u043e \u0434\u0435\u043b\u0430\u0442\u044c?\">Q2: Trivy \u043d\u0430\u0445\u043e\u0434\u0438\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u043d\u0435\u0442. \u0427\u0442\u043e \u0434\u0435\u043b\u0430\u0442\u044c?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-65\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#Q3_%D0%9C%D0%BE%D0%B6%D0%BD%D0%BE_%D0%BB%D0%B8_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C_%D0%BF%D1%80%D0%B8%D0%B2%D0%B0%D1%82%D0%BD%D1%8B%D0%B5_registry\" title=\"Q3: \u041c\u043e\u0436\u043d\u043e \u043b\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u044b\u0435 registry?\">Q3: \u041c\u043e\u0436\u043d\u043e \u043b\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u044b\u0435 registry?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-66\" 
href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#Q4_%D0%9A%D0%B0%D0%BA_%D0%B8%D0%BD%D1%82%D0%B5%D0%B3%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C_Trivy_%D1%81_JiraSlack\" title=\"Q4: \u041a\u0430\u043a \u0438\u043d\u0442\u0435\u0433\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c Trivy \u0441 Jira\/Slack?\">Q4: \u041a\u0430\u043a \u0438\u043d\u0442\u0435\u0433\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c Trivy \u0441 Jira\/Slack?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-67\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#Q5_Trivy_%D0%BC%D0%B5%D0%B4%D0%BB%D0%B5%D0%BD%D0%BD%D0%BE_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D1%83%D0%B5%D1%82_%D0%B1%D0%BE%D0%BB%D1%8C%D1%88%D0%B8%D0%B5_%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D1%8B_%D0%9A%D0%B0%D0%BA_%D1%83%D1%81%D0%BA%D0%BE%D1%80%D0%B8%D1%82%D1%8C\" title=\"Q5: Trivy \u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0438\u0435 \u043e\u0431\u0440\u0430\u0437\u044b. \u041a\u0430\u043a \u0443\u0441\u043a\u043e\u0440\u0438\u0442\u044c?\">Q5: Trivy \u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0438\u0435 \u043e\u0431\u0440\u0430\u0437\u044b. 
\u041a\u0430\u043a \u0443\u0441\u043a\u043e\u0440\u0438\u0442\u044c?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-68\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#Q6_%D0%9C%D0%BE%D0%B6%D0%BD%D0%BE_%D0%BB%D0%B8_%D0%B8%D1%81%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D1%8C_Trivy_%D0%B4%D0%BB%D1%8F_compliance_%D1%81%D0%BE%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D1%81%D1%82%D0%B2%D0%B8%D1%8F_%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D0%B0%D0%BC\" title=\"Q6: \u041c\u043e\u0436\u043d\u043e \u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Trivy \u0434\u043b\u044f compliance (\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u044f \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0430\u043c)?\">Q6: \u041c\u043e\u0436\u043d\u043e \u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Trivy \u0434\u043b\u044f compliance (\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u044f \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0430\u043c)?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-69\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#Q7_%D0%9A%D0%B0%D0%BA_%D1%81%D1%80%D0%B0%D0%B2%D0%BD%D0%B8%D1%82%D1%8C_%D1%80%D0%B5%D0%B7%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%82%D1%8B_%D0%B4%D0%B2%D1%83%D1%85_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B9\" title=\"Q7: \u041a\u0430\u043a \u0441\u0440\u0430\u0432\u043d\u0438\u0442\u044c \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u0434\u0432\u0443\u0445 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0439?\">Q7: \u041a\u0430\u043a \u0441\u0440\u0430\u0432\u043d\u0438\u0442\u044c 
\u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u0434\u0432\u0443\u0445 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0439?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-70\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#Q8_Trivy_%D0%BF%D0%BE%D0%BA%D0%B0%D0%B7%D1%8B%D0%B2%D0%B0%D0%B5%D1%82_%D0%BB%D0%BE%D0%B6%D0%BD%D1%8B%D0%B5_%D1%81%D1%80%D0%B0%D0%B1%D0%B0%D1%82%D1%8B%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F_%D0%9A%D0%B0%D0%BA_%D0%B8%D1%85_%D0%B8%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C\" title=\"Q8: Trivy \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043b\u043e\u0436\u043d\u044b\u0435 \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u043d\u0438\u044f. \u041a\u0430\u043a \u0438\u0445 \u0438\u0433\u043d\u043e\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c?\">Q8: Trivy \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043b\u043e\u0436\u043d\u044b\u0435 \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u043d\u0438\u044f. 
\u041a\u0430\u043a \u0438\u0445 \u0438\u0433\u043d\u043e\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c?<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-71\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#%D0%97%D0%B0%D0%BA%D0%BB%D1%8E%D1%87%D0%B5%D0%BD%D0%B8%D0%B5_%D0%B8_%D1%81%D0%BB%D0%B5%D0%B4%D1%83%D1%8E%D1%89%D0%B8%D0%B5_%D1%88%D0%B0%D0%B3%D0%B8\" title=\"\u0417\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0448\u0430\u0433\u0438\">\u0417\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0448\u0430\u0433\u0438<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-72\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#%D0%A0%D0%B5%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D0%B4%D1%83%D0%B5%D0%BC%D1%8B%D0%B9_%D0%BF%D0%BB%D0%B0%D0%BD_%D0%B2%D0%BD%D0%B5%D0%B4%D1%80%D0%B5%D0%BD%D0%B8%D1%8F\" title=\"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c\u044b\u0439 \u043f\u043b\u0430\u043d \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f\">\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c\u044b\u0439 \u043f\u043b\u0430\u043d \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-73\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#%D0%9F%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5_%D1%80%D0%B5%D1%81%D1%83%D1%80%D1%81%D1%8B\" title=\"\u041f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 
\u0440\u0435\u0441\u0443\u0440\u0441\u044b\">\u041f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-74\" href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#%D0%A1%D0%B2%D1%8F%D0%B7%D0%B0%D0%BD%D0%BD%D1%8B%D0%B5_%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8\" title=\"\u0421\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441\u0442\u0430\u0442\u044c\u0438\">\u0421\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441\u0442\u0430\u0442\u044c\u0438<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\" id=\"%D1%87%D1%82%D0%BE-%D1%82%D0%B0%D0%BA%D0%BE%D0%B5-trivy-%D0%B8-%D0%B7%D0%B0%D1%87%D0%B5%D0%BC-%D0%BE%D0%BD-%D0%BD%D1%83%D0%B6%D0%B5%D0%BD-%D1%87%D1%82%D0%BE-%D1%82%D0%B0%D0%BA%D0%BE%D0%B5-trivy\"><span class=\"ez-toc-section\" id=\"%D0%A7%D1%82%D0%BE_%D1%82%D0%B0%D0%BA%D0%BE%D0%B5_Trivy_%D0%B8_%D0%B7%D0%B0%D1%87%D0%B5%D0%BC_%D0%BE%D0%BD_%D0%BD%D1%83%D0%B6%D0%B5%D0%BD\"><\/span>\u0427\u0442\u043e \u0442\u0430\u043a\u043e\u0435 Trivy \u0438 \u0437\u0430\u0447\u0435\u043c \u043e\u043d \u043d\u0443\u0436\u0435\u043d<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p><strong>Trivy<\/strong>&nbsp;(\u043e\u0442 \u0430\u043d\u0433\u043b. 
&#171;trivial&#187; \u2014 \u043f\u0440\u043e\u0441\u0442\u043e\u0439) \u2014 \u044d\u0442\u043e \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u044b\u0439 \u0441\u043a\u0430\u043d\u0435\u0440 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Docker-\u043e\u0431\u0440\u0430\u0437\u044b<\/strong>\u00a0\u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u0430\u0445<\/li>\n\n\n\n<li><strong>\u041a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b<\/strong>\u00a0(Dockerfile, Kubernetes, Terraform, Ansible)<\/li>\n\n\n\n<li><strong>Git-\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438<\/strong>\u00a0\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u044f\u0445<\/li>\n\n\n\n<li><strong>\u0424\u0430\u0439\u043b\u043e\u0432\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b<\/strong>\u00a0\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u044b \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0438<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D0%B7%D0%B0%D1%87%D0%B5%D0%BC-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C-docker-%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D1%8B\"><span class=\"ez-toc-section\" id=\"%D0%97%D0%B0%D1%87%D0%B5%D0%BC_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C_Docker-%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D1%8B\"><\/span>\u0417\u0430\u0447\u0435\u043c 
\u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c Docker-\u043e\u0431\u0440\u0430\u0437\u044b?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>\u041f\u043e \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0435&nbsp;<a href=\"https:\/\/snyk.io\/reports\/\">Snyk State of Open Source Security 2024<\/a>,&nbsp;<strong>84% Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043e\u0434\u043d\u0443 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c<\/strong>. \u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u043f\u0440\u0438\u0447\u0438\u043d\u044b:<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"1-%D1%83%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B8-%D0%B2-%D0%B1%D0%B0%D0%B7%D0%BE%D0%B2%D1%8B%D1%85-%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%B0%D1%85\"><span class=\"ez-toc-section\" id=\"1_%D0%A3%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B8_%D0%B2_%D0%B1%D0%B0%D0%B7%D0%BE%D0%B2%D1%8B%D1%85_%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%B0%D1%85\"><\/span>1. 
\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0431\u0430\u0437\u043e\u0432\u044b\u0445 \u043e\u0431\u0440\u0430\u0437\u0430\u0445<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>\u0414\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u0432\u0430\u0448 \u043a\u043e\u0434 \u0438\u0434\u0435\u0430\u043b\u0435\u043d, \u0431\u0430\u0437\u043e\u0432\u044b\u0439 \u043e\u0431\u0440\u0430\u0437 \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u044c \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>FROM python:3.9-slim  <em># \u041c\u043e\u0436\u0435\u0442 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u044c CVE-2023-5678 \u0432 OpenSSL<\/em>\nCOPY . \/app\nRUN pip install -r requirements.txt\n<\/code><\/pre>\n\n\n\n<p><strong>\u041f\u0440\u0438\u043c\u0435\u0440 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u041e\u0431\u0440\u0430\u0437\u00a0<code>node:16-alpine<\/code>\u00a0\u043e\u0442 2022 \u0433\u043e\u0434\u0430 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-38545 \u0432 curl<\/li>\n\n\n\n<li>CVSS Score:\u00a0<strong>9.8 (Critical)<\/strong><\/li>\n\n\n\n<li>\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f: \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0447\u0435\u0440\u0435\u0437 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u0443\u0447\u0438 \u0432 SOCKS5-\u0440\u0443\u043a\u043e\u043f\u043e\u0436\u0430\u0442\u0438\u0438<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" 
id=\"2-%D0%BF%D1%80%D0%BE%D0%B1%D0%BB%D0%B5%D0%BC%D0%BD%D1%8B%D0%B5-%D0%B7%D0%B0%D0%B2%D0%B8%D1%81%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B8-%D0%B2-packagejsonrequirementstxt\"><span class=\"ez-toc-section\" id=\"2_%D0%9F%D1%80%D0%BE%D0%B1%D0%BB%D0%B5%D0%BC%D0%BD%D1%8B%D0%B5_%D0%B7%D0%B0%D0%B2%D0%B8%D1%81%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B8_%D0%B2_packagejsonrequirementstxt\"><\/span>2. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u043d\u044b\u0435 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 package.json\/requirements.txt<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>{\n  \"dependencies\": {\n    \"express\": \"^4.17.1\",  <em>\/\/ \u041c\u043e\u0436\u0435\u0442 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u044c CVE-2022-24999<\/em>\n    \"lodash\": \"4.17.20\"    <em>\/\/ \u0418\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 prototype pollution<\/em>\n  }\n}\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"3-%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B8-%D0%BA%D0%BE%D0%BD%D1%84%D0%B8%D0%B3%D1%83%D1%80%D0%B0%D1%86%D0%B8%D0%B8-dockerfile\"><span class=\"ez-toc-section\" id=\"3_%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B8_%D0%BA%D0%BE%D0%BD%D1%84%D0%B8%D0%B3%D1%83%D1%80%D0%B0%D1%86%D0%B8%D0%B8_Dockerfile\"><\/span>3. 
\u041e\u0448\u0438\u0431\u043a\u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 Dockerfile<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u274c \u041f\u041b\u041e\u0425\u041e: \u0437\u0430\u043f\u0443\u0441\u043a \u043e\u0442 root<\/em>\nFROM ubuntu:20.04\nRUN apt-get update &amp;&amp; apt-get install -y nginx\nCMD &#91;\"nginx\"]\n\n<em># \u2705 \u0425\u041e\u0420\u041e\u0428\u041e: \u043d\u0435-root \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c<\/em>\nFROM ubuntu:20.04\nRUN useradd -m -u 1000 appuser &amp;&amp; \\\n    apt-get update &amp;&amp; apt-get install -y nginx\nUSER appuser\nCMD &#91;\"nginx\"]\n<\/code><\/pre>\n\n\n\n<p>Trivy \u043d\u0430\u0445\u043e\u0434\u0438\u0442 \u0442\u0430\u043a\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0438 \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. \u041f\u0440\u0438\u043c\u0435\u0440 \u0443\u043f\u0440\u043e\u0449\u0451\u043d: \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b nginx \u043e\u0442 appuser \u043d\u0443\u0436\u043d\u043e \u0435\u0449\u0451 \u0432\u044b\u0434\u0430\u0442\u044c \u0435\u043c\u0443 \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438 \u043b\u043e\u0433\u043e\u0432, \u043a\u044d\u0448\u0430 \u0438 PID-\u0444\u0430\u0439\u043b.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"4-%D0%BB%D0%B8%D1%86%D0%B5%D0%BD%D0%B7%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5-%D0%BF%D1%80%D0%BE%D0%B1%D0%BB%D0%B5%D0%BC%D1%8B\"><span class=\"ez-toc-section\" id=\"4_%D0%9B%D0%B8%D1%86%D0%B5%D0%BD%D0%B7%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5_%D0%BF%D1%80%D0%BE%D0%B1%D0%BB%D0%B5%D0%BC%D1%8B\"><\/span>4. 
\u041b\u0438\u0446\u0435\u043d\u0437\u0438\u043e\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>Trivy \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 GPL-, AGPL-\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432\u0430\u0448\u0435\u0433\u043e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D1%80%D0%B5%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5-%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D1%81%D1%82%D0%B2%D0%B8%D1%8F-%D1%83%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B5%D0%B9\"><span class=\"ez-toc-section\" id=\"%D0%A0%D0%B5%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5_%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D1%81%D1%82%D0%B2%D0%B8%D1%8F_%D1%83%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B5%D0%B9\"><\/span>\u0420\u0435\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><strong>\u041a\u0435\u0439\u0441 1: Log4Shell (CVE-2021-44228)<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Apache Log4j \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430<\/li>\n\n\n\n<li>\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u044b 
Java-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439<\/li>\n\n\n\n<li>\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e\u0442\u0440\u0430\u0442\u0438\u043b\u0438 \u043d\u0435\u0434\u0435\u043b\u0438 \u043d\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0435\u0439<\/li>\n<\/ul>\n\n\n\n<p><strong>\u041a\u0435\u0439\u0441 2: Heartbleed (CVE-2014-0160)<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 OpenSSL \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0447\u0438\u0442\u0430\u0442\u044c \u043f\u0430\u043c\u044f\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u0430<\/li>\n\n\n\n<li>\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b 17% HTTPS-\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435<\/li>\n\n\n\n<li>\u0423\u0449\u0435\u0440\u0431: \u0443\u0442\u0435\u0447\u043a\u0438 \u043f\u0430\u0440\u043e\u043b\u0435\u0439, \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u044b\u0445 \u043a\u043b\u044e\u0447\u0435\u0439<\/li>\n<\/ul>\n\n\n\n<p>\u0411\u0435\u0437 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u0430\u0448 \u0440\u0435\u043b\u0438\u0437 \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441&nbsp;<strong>CVSS 9.0+<\/strong>, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043b\u0435\u0433\u043a\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" 
id=\"%D0%BF%D0%BE%D1%87%D0%B5%D0%BC%D1%83-%D0%B8%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE-trivy-%D1%81%D1%80%D0%B0%D0%B2%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5-%D1%81-%D0%B0%D0%BB%D1%8C%D1%82%D0%B5%D1%80%D0%BD%D0%B0%D1%82%D0%B8%D0%B2%D0%B0%D0%BC%D0%B8-%D1%81%D1%80%D0%B0%D0%B2%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5-%D1%81-%D0%B0%D0%BB%D1%8C%D1%82%D0%B5%D1%80%D0%BD%D0%B0%D1%82%D0%B8%D0%B2%D0%B0%D0%BC%D0%B8\"><span class=\"ez-toc-section\" id=\"%D0%9F%D0%BE%D1%87%D0%B5%D0%BC%D1%83_%D0%B8%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE_Trivy_%D1%81%D1%80%D0%B0%D0%B2%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5_%D1%81_%D0%B0%D0%BB%D1%8C%D1%82%D0%B5%D1%80%D0%BD%D0%B0%D1%82%D0%B8%D0%B2%D0%B0%D0%BC%D0%B8\"><\/span>\u041f\u043e\u0447\u0435\u043c\u0443 \u0438\u043c\u0435\u043d\u043d\u043e Trivy: \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u0435 \u0441 \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u0430\u043c\u0438<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"trivy-vs-clair-vs-snyk-vs-docker-scout\"><span class=\"ez-toc-section\" id=\"Trivy_vs_Clair_vs_Snyk_vs_Docker_Scout\"><\/span>Trivy vs Clair vs Snyk vs Docker Scout<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th class=\"has-text-align-left\" data-align=\"left\">\u041a\u0440\u0438\u0442\u0435\u0440\u0438\u0439<\/th><th class=\"has-text-align-left\" data-align=\"left\">Trivy<\/th><th class=\"has-text-align-left\" data-align=\"left\">Clair<\/th><th class=\"has-text-align-left\" data-align=\"left\">Snyk<\/th><th class=\"has-text-align-left\" data-align=\"left\">Docker Scout<\/th><\/tr><\/thead><tbody><tr><td><strong>\u0422\u0438\u043f<\/strong><\/td><td>Open-source<\/td><td>Open-source<\/td><td>\u041a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u0438\u0439<\/td><td>\u041a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u0438\u0439<\/td><\/tr><tr><td><strong>\u0421\u043a\u043e\u0440\u043e\u0441\u0442\u044c 
\u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f<\/strong><\/td><td>\u26a1 \u041e\u0447\u0435\u043d\u044c \u0431\u044b\u0441\u0442\u0440\u044b\u0439<\/td><td>\ud83d\udc0c \u041c\u0435\u0434\u043b\u0435\u043d\u043d\u044b\u0439<\/td><td>\u26a1 \u0411\u044b\u0441\u0442\u0440\u044b\u0439<\/td><td>\u26a1 \u0411\u044b\u0441\u0442\u0440\u044b\u0439<\/td><\/tr><tr><td><strong>\u041f\u0440\u043e\u0441\u0442\u043e\u0442\u0430 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438<\/strong><\/td><td>\u2705 \u041e\u0434\u043d\u0430 \u043a\u043e\u043c\u0430\u043d\u0434\u0430<\/td><td>\u274c \u0422\u0440\u0435\u0431\u0443\u0435\u0442 PostgreSQL<\/td><td>\u2705 \u041f\u0440\u043e\u0441\u0442\u0430\u044f<\/td><td>\u2705 \u041f\u0440\u043e\u0441\u0442\u0430\u044f<\/td><\/tr><tr><td><strong>\u041f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 K8s<\/strong><\/td><td>\u2705 \u0414\u0430<\/td><td>\u274c \u041d\u0435\u0442<\/td><td>\u2705 \u0414\u0430<\/td><td>\u2705 \u0414\u0430<\/td><\/tr><tr><td><strong>\u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u043e\u0432<\/strong><\/td><td>\u2705 \u0414\u0430<\/td><td>\u274c \u041d\u0435\u0442<\/td><td>\u2705 \u0414\u0430<\/td><td>\u2705 \u0414\u0430<\/td><\/tr><tr><td><strong>\u0421\u0442\u043e\u0438\u043c\u043e\u0441\u0442\u044c<\/strong><\/td><td>\ud83d\udcb0 \u0411\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u043e<\/td><td>\ud83d\udcb0 \u0411\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u043e<\/td><td>\ud83d\udcb0 \u041e\u0442 $52\/\u043c\u0435\u0441<\/td><td>\ud83d\udcb0 \u041e\u0442 $5\/\u043e\u0431\u0440\u0430\u0437\/\u043c\u0435\u0441<\/td><\/tr><tr><td><strong>GitHub Stars<\/strong><\/td><td>\u2b50 20k+<\/td><td>\u2b50 10k+<\/td><td>\u2b50 8k+<\/td><td>\u2b50 1k+<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D0%BF%D1%80%D0%B5%D0%B8%D0%BC%D1%83%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%B0-trivy\"><span 
class=\"ez-toc-section\" id=\"%D0%9F%D1%80%D0%B5%D0%B8%D0%BC%D1%83%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%B0_Trivy\"><\/span>\u041f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0430 Trivy<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u041d\u0443\u043b\u0435\u0432\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f<\/strong>\u00a0\u2014 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0438\u0437 \u043a\u043e\u0440\u043e\u0431\u043a\u0438<\/li>\n\n\n\n<li><strong>\u0411\u044b\u0441\u0442\u0440\u043e\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435<\/strong>\u00a0\u2014 \u0441\u0440\u0435\u0434\u043d\u0438\u0439 \u043e\u0431\u0440\u0430\u0437 \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0437\u0430 10-30 \u0441\u0435\u043a\u0443\u043d\u0434<\/li>\n\n\n\n<li><strong>\u0428\u0438\u0440\u043e\u043a\u0438\u0439 \u043e\u0445\u0432\u0430\u0442<\/strong>\u00a0\u2014 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 20+ \u043f\u0430\u043a\u0435\u0442\u043d\u044b\u0445 \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u043e\u0432<\/li>\n\n\n\n<li><strong>\u0410\u043a\u0442\u0438\u0432\u043d\u043e\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e<\/strong>\u00a0\u2014 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0431\u044b\u0441\u0442\u0440\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0430\u0433\u043e\u0432<\/li>\n\n\n\n<li><strong>\u0418\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044f \u0441 GitHub\/GitLab<\/strong>\u00a0\u2014 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u0430\u044f \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 CI\/CD<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\" 
id=\"%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0-%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C-%D0%B0%D0%BB%D1%8C%D1%82%D0%B5%D1%80%D0%BD%D0%B0%D1%82%D0%B8%D0%B2%D1%83\"><span class=\"ez-toc-section\" id=\"%D0%9A%D0%BE%D0%B3%D0%B4%D0%B0_%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C_%D0%B0%D0%BB%D1%8C%D1%82%D0%B5%D1%80%D0%BD%D0%B0%D1%82%D0%B8%D0%B2%D1%83\"><\/span>\u041a\u043e\u0433\u0434\u0430 \u0432\u044b\u0431\u0440\u0430\u0442\u044c \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u0443?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Snyk<\/strong>\u00a0\u2014 \u0435\u0441\u043b\u0438 \u043d\u0443\u0436\u043d\u0430 \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044f \u0441 Jira, Slack \u0438 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u0430\u044f \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0430<\/li>\n\n\n\n<li><strong>Docker Scout<\/strong>\u00a0\u2014 \u0435\u0441\u043b\u0438 \u0432\u044b \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043d\u0430 \u044d\u043a\u043e\u0441\u0438\u0441\u0442\u0435\u043c\u0435 Docker<\/li>\n\n\n\n<li><strong>Clair<\/strong>\u00a0\u2014 \u0435\u0441\u043b\u0438 \u043d\u0443\u0436\u0435\u043d enterprise-grade \u0441\u043a\u0430\u043d\u0435\u0440 \u0441 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439<\/li>\n<\/ul>\n\n\n\n<p><strong>\u0412\u044b\u0432\u043e\u0434:<\/strong>&nbsp;\u0414\u043b\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0430 \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432 Trivy \u2014 \u043e\u043f\u0442\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0439 \u0432\u044b\u0431\u043e\u0440 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043f\u0440\u043e\u0441\u0442\u043e\u0442\u0435 \u0438 \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u043e\u0441\u0442\u0438.<\/p>\n\n\n\n<hr class=\"wp-block-separator 
has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%BA%D0%B0-trivy-%D0%B2%D1%81%D0%B5-%D1%81%D0%BF%D0%BE%D1%81%D0%BE%D0%B1%D1%8B-%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%BA%D0%B0-trivy\"><span class=\"ez-toc-section\" id=\"%D0%A3%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%BA%D0%B0_Trivy_%D0%B2%D1%81%D0%B5_%D1%81%D0%BF%D0%BE%D1%81%D0%BE%D0%B1%D1%8B\"><\/span>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 Trivy: \u0432\u0441\u0435 \u0441\u043f\u043e\u0441\u043e\u0431\u044b<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D1%81%D0%BF%D0%BE%D1%81%D0%BE%D0%B1-1-docker-%D1%80%D0%B5%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D0%B4%D1%83%D0%B5%D1%82%D1%81%D1%8F-%D0%B4%D0%BB%D1%8F-%D0%B1%D1%8B%D1%81%D1%82%D1%80%D0%BE%D0%B3%D0%BE-%D1%81%D1%82%D0%B0%D1%80%D1%82%D0%B0\"><span class=\"ez-toc-section\" id=\"%D0%A1%D0%BF%D0%BE%D1%81%D0%BE%D0%B1_1_Docker_%D1%80%D0%B5%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D0%B4%D1%83%D0%B5%D1%82%D1%81%D1%8F_%D0%B4%D0%BB%D1%8F_%D0%B1%D1%8B%D1%81%D1%82%D1%80%D0%BE%D0%B3%D0%BE_%D1%81%D1%82%D0%B0%D1%80%D1%82%D0%B0\"><\/span>\u0421\u043f\u043e\u0441\u043e\u0431 1: Docker (\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0431\u044b\u0441\u0442\u0440\u043e\u0433\u043e \u0441\u0442\u0430\u0440\u0442\u0430)<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>\u0421\u0430\u043c\u044b\u0439 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u0441\u043f\u043e\u0441\u043e\u0431 \u2014 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 Docker-\u043e\u0431\u0440\u0430\u0437:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043e\u0431\u0440\u0430\u0437\u0430 \u0431\u0435\u0437 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438<\/em>\ndocker run 
--rm -v \/var\/run\/docker.sock:\/var\/run\/docker.sock \\\n  aquasec\/trivy image python:3.11\n\n<em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0431\u0440\u0430\u0437\u0430<\/em>\ndocker run --rm \\\n  -v \/var\/run\/docker.sock:\/var\/run\/docker.sock \\\n  -v \/tmp\/trivy-cache:\/root\/.cache\/trivy \\\n  aquasec\/trivy image myapp:latest\n<\/code><\/pre>\n\n\n\n<p><strong>\u041f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0430:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u041d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438<\/li>\n\n\n\n<li>\u0412\u0441\u0435\u0433\u0434\u0430 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f<\/li>\n\n\n\n<li>\u0418\u0437\u043e\u043b\u044f\u0446\u0438\u044f \u043e\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u044b (\u043d\u0435\u043f\u043e\u043b\u043d\u0430\u044f: \u0447\u0435\u0440\u0435\u0437 \u0441\u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 <code>docker.sock<\/code> \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a Docker-\u0434\u0435\u043c\u043e\u043d\u0443 \u0445\u043e\u0441\u0442\u0430)<\/li>\n<\/ul>\n\n\n\n<p><strong>\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u041c\u0435\u0434\u043b\u0435\u043d\u043d\u0435\u0435, \u0447\u0435\u043c \u043d\u0430\u0442\u0438\u0432\u043d\u0430\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430<\/li>\n\n\n\n<li>\u0422\u0440\u0435\u0431\u0443\u0435\u0442 Docker<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D1%81%D0%BF%D0%BE%D1%81%D0%BE%D0%B1-2-binary-linuxmacoswindows\"><span class=\"ez-toc-section\" id=\"%D0%A1%D0%BF%D0%BE%D1%81%D0%BE%D0%B1_2_Binary_LinuxmacOSWindows\"><\/span>\u0421\u043f\u043e\u0441\u043e\u0431 2: Binary (Linux\/macOS\/Windows)<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"linux-x86_64\"><span class=\"ez-toc-section\" id=\"Linux_x86_64\"><\/span>Linux (x86_64)<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code><em># 
\u0421\u043a\u0430\u0447\u0430\u0442\u044c \u0440\u0435\u043b\u0438\u0437 0.50.1 (\u043f\u0443\u0442\u044c latest\/download \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442, \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043a\u0430 \u044d\u0442\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0440\u0435\u043b\u0438\u0437); \u043f\u0435\u0440\u0435\u0434 \u0440\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u043a\u043e\u0439 \u0441\u0432\u0435\u0440\u044c\u0442\u0435 SHA-256 \u0430\u0440\u0445\u0438\u0432\u0430 \u0441 \u0444\u0430\u0439\u043b\u043e\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c\u043d\u044b\u0445 \u0441\u0443\u043c\u043c \u0438\u0437 \u0442\u043e\u0433\u043e \u0436\u0435 \u0440\u0435\u043b\u0438\u0437\u0430<\/em>\nwget https:\/\/github.com\/aquasecurity\/trivy\/releases\/latest\/download\/trivy_0.50.1_Linux-64bit.tar.gz\n\n<em># \u0420\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u0430\u0442\u044c<\/em>\nsudo tar zxvf trivy_0.50.1_Linux-64bit.tar.gz -C \/usr\/local\/bin trivy\n\n<em># \u041f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443<\/em>\ntrivy --version\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"macos-homebrew\"><span class=\"ez-toc-section\" id=\"macOS_Homebrew\"><\/span>macOS (Homebrew)<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>brew install trivy\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"windows-chocolatey\"><span class=\"ez-toc-section\" id=\"Windows_Chocolatey\"><\/span>Windows (Chocolatey)<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>choco install trivy\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"windows-scoop\"><span class=\"ez-toc-section\" id=\"Windows_Scoop\"><\/span>Windows (Scoop)<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>scoop install trivy\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D1%81%D0%BF%D0%BE%D1%81%D0%BE%D0%B1-3-%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%BA%D0%B0-%D1%87%D0%B5%D1%80%D0%B5%D0%B7-%D1%81%D0%BA%D1%80%D0%B8%D0%BF%D1%82-%D1%83%D0%BD%D0%B8%D0%B2%D0%B5%D1%80%D1%81%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9\"><span class=\"ez-toc-section\" id=\"%D0%A1%D0%BF%D0%BE%D1%81%D0%BE%D0%B1_3_%D0%A3%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%BA%D0%B0_%D1%87%D0%B5%D1%80%D0%B5%D0%B7_%D1%81%D0%BA%D1%80%D0%B8%D0%BF%D1%82_%D1%83%D0%BD%D0%B8%D0%B2%D0%B5%D1%80%D1%81%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9\"><\/span>\u0421\u043f\u043e\u0441\u043e\u0431 3: 
\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u0447\u0435\u0440\u0435\u0437 \u0441\u043a\u0440\u0438\u043f\u0442 (\u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u044b\u0439)<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u0410\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u0434\u043b\u044f Linux\/macOS<\/em>\ncurl -sfL https:\/\/raw.githubusercontent.com\/aquasecurity\/trivy\/main\/contrib\/install.sh | sh -s -- -b \/usr\/local\/bin\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D1%81%D0%BF%D0%BE%D1%81%D0%BE%D0%B1-4-%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%BA%D0%B0-%D0%B2-%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%B9%D0%BD%D0%B5%D1%80-%D0%B4%D0%BB%D1%8F-cicd\"><span class=\"ez-toc-section\" id=\"%D0%A1%D0%BF%D0%BE%D1%81%D0%BE%D0%B1_4_%D0%A3%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%BA%D0%B0_%D0%B2_%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%B9%D0%BD%D0%B5%D1%80_%D0%B4%D0%BB%D1%8F_CICD\"><\/span>\u0421\u043f\u043e\u0441\u043e\u0431 4: \u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440 (\u0434\u043b\u044f CI\/CD)<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>FROM alpine:latest\nRUN apk add --no-cache curl\nRUN curl -sfL https:\/\/raw.githubusercontent.com\/aquasecurity\/trivy\/main\/contrib\/install.sh | \\\n    sh -s -- -b \/usr\/local\/bin\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D0%BE%D0%B1%D0%BD%D0%BE%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5-trivy\"><span class=\"ez-toc-section\" id=\"%D0%9E%D0%B1%D0%BD%D0%BE%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5_Trivy\"><\/span>\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Trivy<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code><em># 
\u0410\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435<\/em>\ntrivy --self-update\n\n<em># \u0418\u043b\u0438 \u0447\u0435\u0440\u0435\u0437 \u043f\u0430\u043a\u0435\u0442\u043d\u044b\u0439 \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440<\/em>\nbrew upgrade trivy  <em># macOS<\/em>\nchoco upgrade trivy  <em># Windows<\/em>\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D0%BF%D0%B5%D1%80%D0%B2%D0%BE%D0%BD%D0%B0%D1%87%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F-%D0%BD%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0\"><span class=\"ez-toc-section\" id=\"%D0%9F%D0%B5%D1%80%D0%B2%D0%BE%D0%BD%D0%B0%D1%87%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F_%D0%BD%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0\"><\/span>\u041f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u0430\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>\u041f\u043e\u0441\u043b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Trivy \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442 \u0431\u0430\u0437\u0443 \u0434\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0438 \u043f\u0435\u0440\u0432\u043e\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0435:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u041f\u0435\u0440\u0432\u044b\u0439 \u0437\u0430\u043f\u0443\u0441\u043a \u0437\u0430\u0439\u043c\u0451\u0442 1-2 \u043c\u0438\u043d\u0443\u0442\u044b (\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0411\u0414)<\/em>\ntrivy image nginx:latest\n\n<em># \u041f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0438 \u0431\u0443\u0434\u0443\u0442 
\u0431\u044b\u0441\u0442\u0440\u0435\u0435<\/em>\n<\/code><\/pre>\n\n\n\n<p>\u0411\u0430\u0437\u0430 \u0434\u0430\u043d\u043d\u044b\u0445 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0435\u0442\u0441\u044f \u0432&nbsp;<code>~\/.cache\/trivy\/<\/code>&nbsp;(Linux\/macOS) \u0438\u043b\u0438&nbsp;<code>%LOCALAPPDATA%\\trivy\\<\/code>&nbsp;(Windows).<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"%D0%B1%D0%B0%D0%B7%D0%BE%D0%B2%D0%BE%D0%B5-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5-docker-%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2-%D0%B1%D0%B0%D0%B7%D0%BE%D0%B2%D0%BE%D0%B5-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5\"><span class=\"ez-toc-section\" id=\"%D0%91%D0%B0%D0%B7%D0%BE%D0%B2%D0%BE%D0%B5_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_Docker-%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2\"><\/span>\u0411\u0430\u0437\u043e\u0432\u043e\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D0%BF%D1%80%D0%BE%D1%81%D1%82%D0%BE%D0%B5-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5\"><span class=\"ez-toc-section\" id=\"%D0%9F%D1%80%D0%BE%D1%81%D1%82%D0%BE%D0%B5_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5\"><\/span>\u041f\u0440\u043e\u0441\u0442\u043e\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>trivy image nginx:1.25-alpine\n<\/code><\/pre>\n\n\n\n<p><strong>\u0412\u044b\u0432\u043e\u0434 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u0433\u043b\u044f\u0434\u0435\u0442\u044c \u0442\u0430\u043a:<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>2025-12-05T10:30:15.123Z    INFO   
 Vulnerability scanning is enabled\n2025-12-05T10:30:15.456Z    INFO    Detected OS: alpine\n2025-12-05T10:30:15.789Z    INFO    Detecting Alpine vulnerabilities...\n\nnginx:1.25-alpine (alpine 3.18.4)\n==================================\nTotal: 15 (HIGH: 3, MEDIUM: 8, LOW: 4)\n\n\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\n\u2502    Library       \u2502  Vulnerability \u2502 Severity \u2502   Installed Ver. \u2502 Fixed Ver.  \u2502  Layer    \u2502\n\u251c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2524\n\u2502 openssl          \u2502 CVE-2023-5678  \u2502 HIGH     \u2502 1.1.1l-r0        \u2502 1.1.1w-r0   \u2502 apk:A\u2026    \u2502\n\u2502 libcrypto1.1    \u2502 CVE-2023-4807  \u2502 HIGH     \u2502 1.1.1l-r0        \u2502 1.1.1w-r0   \u2502 apk:A\u2026    \u2502\n\u2502 busybox          \u2502 CVE-2023-4237  \u2502 MEDIUM   \u2502 1.36.1-r2        \u2502 1.36.1-r3   \u2502 apk:A\u2026    
\u2502\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D0%BF%D0%BE%D0%BD%D0%B8%D0%BC%D0%B0%D0%BD%D0%B8%D0%B5-%D1%80%D0%B5%D0%B7%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%82%D0%BE%D0%B2\"><span class=\"ez-toc-section\" id=\"%D0%9F%D0%BE%D0%BD%D0%B8%D0%BC%D0%B0%D0%BD%D0%B8%D0%B5_%D1%80%D0%B5%D0%B7%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%82%D0%BE%D0%B2\"><\/span>\u041f\u043e\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u0432<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Library<\/strong>\u00a0\u2014 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u043f\u0430\u043a\u0435\u0442\u0430\/\u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438<\/li>\n\n\n\n<li><strong>Vulnerability<\/strong>\u00a0\u2014 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE (Common Vulnerabilities and Exposures)<\/li>\n\n\n\n<li><strong>Severity<\/strong>\u00a0\u2014 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438:\n<ul class=\"wp-block-list\">\n<li><code>CRITICAL<\/code>\u00a0(9.0-10.0) \u2014 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435<\/li>\n\n\n\n<li><code>HIGH<\/code>\u00a0(7.0-8.9) \u2014 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c 
\u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f<\/li>\n\n\n\n<li><code>MEDIUM<\/code>\u00a0(4.0-6.9) \u2014 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u043f\u0440\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438<\/li>\n\n\n\n<li><code>LOW<\/code>\u00a0(0.1-3.9) \u2014 \u043d\u0438\u0437\u043a\u0438\u0439 \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Installed Version<\/strong>\u00a0\u2014 \u0442\u0435\u043a\u0443\u0449\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u0432 \u043e\u0431\u0440\u0430\u0437\u0435<\/li>\n\n\n\n<li><strong>Fixed Version<\/strong>\u00a0\u2014 \u0432\u0435\u0440\u0441\u0438\u044f, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430<\/li>\n\n\n\n<li><strong>Layer<\/strong>\u00a0\u2014 \u0441\u043b\u043e\u0439 Docker-\u043e\u0431\u0440\u0430\u0437\u0430, \u0433\u0434\u0435 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5-%D0%BB%D0%BE%D0%BA%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B3%D0%BE-%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%B0\"><span class=\"ez-toc-section\" id=\"%D0%A1%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D0%BB%D0%BE%D0%BA%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B3%D0%BE_%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%B0\"><\/span>\u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0431\u0440\u0430\u0437\u0430<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>\u0415\u0441\u043b\u0438 \u043e\u0431\u0440\u0430\u0437 \u0443\u0436\u0435 \u0441\u043e\u0431\u0440\u0430\u043d 
\u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043e\u0431\u0440\u0430\u0437\u0430 \u043f\u043e \u0438\u043c\u0435\u043d\u0438<\/em>\ntrivy image myapp:latest\n\n<em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043e\u0431\u0440\u0430\u0437\u0430 \u043f\u043e ID<\/em>\ntrivy image abc123def456\n\n<em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043e\u0431\u0440\u0430\u0437\u0430 \u0438\u0437 \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u043e\u0433\u043e registry<\/em>\ntrivy image registry.example.com\/myapp:v1.0.0\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5-%D1%81-%D1%84%D0%B8%D0%BB%D1%8C%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B5%D0%B9-%D0%BF%D0%BE-%D1%81%D0%B5%D1%80%D1%8C%D1%91%D0%B7%D0%BD%D0%BE%D1%81%D1%82%D0%B8\"><span class=\"ez-toc-section\" id=\"%D0%A1%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D1%81_%D1%84%D0%B8%D0%BB%D1%8C%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B5%D0%B9_%D0%BF%D0%BE_%D1%81%D0%B5%D1%80%D1%8C%D1%91%D0%B7%D0%BD%D0%BE%D1%81%D1%82%D0%B8\"><\/span>\u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441 \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0435\u0439 \u043f\u043e \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e\u0441\u0442\u0438<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u041f\u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e CRITICAL \u0438 HIGH<\/em>\ntrivy image --severity HIGH,CRITICAL nginx:latest\n\n<em># \u041f\u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u0441\u0435, \u043a\u0440\u043e\u043c\u0435 LOW<\/em>\ntrivy image --severity HIGH,CRITICAL,MEDIUM nginx:latest\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" 
id=\"%D0%B8%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5-%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%BD%D1%8B%D1%85-%D1%83%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B5%D0%B9\"><span class=\"ez-toc-section\" id=\"%D0%98%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%BD%D1%8B%D1%85_%D1%83%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B5%D0%B9\"><\/span>\u0418\u0433\u043d\u043e\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>\u0418\u043d\u043e\u0433\u0434\u0430 \u043f\u043e\u043b\u0435\u0437\u043d\u043e \u0441\u043a\u0440\u044b\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0435\u0449\u0451 \u043d\u0435\u0442 \u043f\u0430\u0442\u0447\u0430 (\u043e\u043d\u0438 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0432 \u043e\u0431\u0440\u0430\u0437\u0435, \u0444\u043b\u0430\u0433 \u043b\u0438\u0448\u044c \u0443\u0431\u0438\u0440\u0430\u0435\u0442 \u0438\u0445 \u0438\u0437 \u043e\u0442\u0447\u0451\u0442\u0430):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u041f\u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438<\/em>\ntrivy image --ignore-unfixed nginx:latest\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D0%B4%D0%B5%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9-%D0%BE%D1%82%D1%87%D1%91%D1%82-%D1%81-%D0%BE%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D1%8F%D0%BC%D0%B8\"><span class=\"ez-toc-section\" id=\"%D0%94%D0%B5%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9_%D0%BE%D1%82%D1%87%D1%91%D1%82_%D1%81_%D0%BE%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D1%8F%D0%BC%D0%B8\"><\/span>\u0414\u0435\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u043e\u0442\u0447\u0451\u0442 \u0441 
\u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f\u043c\u0438<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u041f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043a\u0430\u0436\u0434\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438<\/em>\ntrivy image --format json nginx:latest | jq '.&#91;] | .Vulnerabilities&#91;] | {id, severity, description}'\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"%D1%80%D0%B0%D1%81%D1%88%D0%B8%D1%80%D0%B5%D0%BD%D0%BD%D1%8B%D0%B5-%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8-trivy-%D1%80%D0%B0%D1%81%D1%88%D0%B8%D1%80%D0%B5%D0%BD%D0%BD%D1%8B%D0%B5-%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8\"><span class=\"ez-toc-section\" id=\"%D0%A0%D0%B0%D1%81%D1%88%D0%B8%D1%80%D0%B5%D0%BD%D0%BD%D1%8B%D0%B5_%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8_Trivy\"><\/span>\u0420\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 Trivy<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"1-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5-git-%D1%80%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%D0%BE%D1%80%D0%B8%D0%B5%D0%B2\"><span class=\"ez-toc-section\" id=\"1_%D0%A1%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_Git-%D1%80%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%D0%BE%D1%80%D0%B8%D0%B5%D0%B2\"><\/span>1. 
\u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 Git-\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0435\u0432<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Trivy \u043c\u043e\u0436\u0435\u0442 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e, \u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044f \u0444\u0430\u0439\u043b\u044b \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0435\u0439:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f<\/em>\ntrivy repo https:\/\/github.com\/yourorg\/awesome-app\n\n<em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f<\/em>\ntrivy repo \/path\/to\/local\/repo\n\n<em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441 \u0443\u043a\u0430\u0437\u0430\u043d\u0438\u0435\u043c \u0432\u0435\u0442\u043a\u0438<\/em>\ntrivy repo https:\/\/github.com\/yourorg\/awesome-app --branch main\n<\/code><\/pre>\n\n\n\n<p><strong>\u0427\u0442\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u0435\u0442\u0441\u044f:<\/strong><\/p>\n\n\n\n<ul 
class=\"wp-block-list\">\n<li><code>package.json<\/code>\u00a0(Node.js)<\/li>\n\n\n\n<li><code>requirements.txt<\/code>,\u00a0<code>Pipfile<\/code>,\u00a0<code>poetry.lock<\/code>\u00a0(Python)<\/li>\n\n\n\n<li><code>Gemfile<\/code>,\u00a0<code>Gemfile.lock<\/code>\u00a0(Ruby)<\/li>\n\n\n\n<li><code>pom.xml<\/code>,\u00a0<code>build.gradle<\/code>\u00a0(Java)<\/li>\n\n\n\n<li><code>go.mod<\/code>,\u00a0<code>go.sum<\/code>\u00a0(Go)<\/li>\n\n\n\n<li><code>Cargo.toml<\/code>,\u00a0<code>Cargo.lock<\/code>\u00a0(Rust)<\/li>\n\n\n\n<li><code>composer.json<\/code>\u00a0(PHP)<\/li>\n\n\n\n<li>\u0418 \u0434\u0440\u0443\u0433\u0438\u0435&#8230;<\/li>\n<\/ul>\n\n\n\n<p><strong>\u041f\u0440\u0438\u043c\u0435\u0440 \u0432\u044b\u0432\u043e\u0434\u0430:<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>yourorg\/awesome-app (package.json)\n===================================\nTotal: 8 (HIGH: 2, MEDIUM: 4, LOW: 2)\n\n\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\n\u2502    Library       \u2502  Vulnerability \u2502 Severity \u2502   Installed Ver. \u2502 Fixed Ver.  
\u2502\n\u251c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u253c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2524\n\u2502 express          \u2502 CVE-2022-24999  \u2502 HIGH     \u2502 4.17.1           \u2502 4.18.2      \u2502\n\u2502 lodash           \u2502 CVE-2021-23337  \u2502 MEDIUM   \u2502 4.17.20          \u2502 4.17.21     \u2502\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"2-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5-kubernetes-%D0%BA%D0%BB%D0%B0%D1%81%D1%82%D0%B5%D1%80%D0%BE%D0%B2\"><span class=\"ez-toc-section\" id=\"2_%D0%A1%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_Kubernetes-%D0%BA%D0%BB%D0%B0%D1%81%D1%82%D0%B5%D1%80%D0%BE%D0%B2\"><\/span>2. 
\u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 Kubernetes-\u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Trivy \u043c\u043e\u0436\u0435\u0442 \u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432\u0435\u0441\u044c \u043a\u043b\u0430\u0441\u0442\u0435\u0440 Kubernetes:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0441\u0435\u0433\u043e \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430<\/em>\ntrivy k8s --report summary cluster\n\n<em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0433\u043e namespace<\/em>\ntrivy k8s --namespace production cluster\n\n<em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441 \u0432\u044b\u0432\u043e\u0434\u043e\u043c \u0432 JSON<\/em>\ntrivy k8s --format json --report all cluster &gt; k8s-report.json\n<\/code><\/pre>\n\n\n\n<p><strong>\u0427\u0442\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442\u0441\u044f:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043e\u0431\u0440\u0430\u0437\u0430\u0445 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432<\/li>\n\n\n\n<li>\u041d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 (\u0437\u0430\u043f\u0443\u0441\u043a \u043e\u0442 root, \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u044b)<\/li>\n\n\n\n<li>\u041e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 security contexts<\/li>\n\n\n\n<li>\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 network 
policies<\/li>\n<\/ul>\n\n\n\n<p><strong>\u041f\u0440\u0438\u043c\u0435\u0440 \u0432\u044b\u0432\u043e\u0434\u0430:<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>k8s-cluster\n===========\nTotal: 42 vulnerabilities found\n\nNamespaces:\n  default: 15 vulnerabilities\n  production: 20 vulnerabilities\n  staging: 7 vulnerabilities\n\nCritical Issues:\n  - Deployment 'webapp' uses image with CVE-2023-5678 (CRITICAL)\n  - Pod 'api-server' runs as root (HIGH)\n  - Service 'database' exposes port without network policy (MEDIUM)\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"3-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5-%D0%BA%D0%BE%D0%BD%D1%84%D0%B8%D0%B3%D1%83%D1%80%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D1%85-%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%B2\"><span class=\"ez-toc-section\" id=\"3_%D0%A1%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D0%BA%D0%BE%D0%BD%D1%84%D0%B8%D0%B3%D1%83%D1%80%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D1%85_%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%B2\"><\/span>3. 
\u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Trivy \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 Dockerfile, Kubernetes-\u043c\u0430\u043d\u0438\u0444\u0435\u0441\u0442\u044b, Terraform \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0438:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 Dockerfile<\/em>\ntrivy config Dockerfile\n\n<em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0441\u0435\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u043e\u0432 \u0432 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438<\/em>\ntrivy config .\/k8s\/\n\n<em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 Terraform<\/em>\ntrivy config --config-policy .\/policies\/ .\/terraform\/\n<\/code><\/pre>\n\n\n\n<p><strong>\u041f\u0440\u0438\u043c\u0435\u0440\u044b \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c:<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u274c \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430: \u0437\u0430\u043f\u0443\u0441\u043a \u043e\u0442 root<\/em>\nFROM ubuntu:20.04\nUSER root\nCMD &#91;\"nginx\"]\n\n<em># \u2705 \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f Trivy:<\/em>\nFROM ubuntu:20.04\nRUN useradd -m -u 1000 appuser\nUSER appuser\nCMD &#91;\"nginx\"]\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"4-%D0%B3%D0%B5%D0%BD%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D1%8F-%D0%BE%D1%82%D1%87%D1%91%D1%82%D0%BE%D0%B2-%D0%B2-%D1%80%D0%B0%D0%B7%D0%BD%D1%8B%D1%85-%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B0%D1%85\"><span class=\"ez-toc-section\" 
id=\"4_%D0%93%D0%B5%D0%BD%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D1%8F_%D0%BE%D1%82%D1%87%D1%91%D1%82%D0%BE%D0%B2_%D0%B2_%D1%80%D0%B0%D0%B7%D0%BD%D1%8B%D1%85_%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B0%D1%85\"><\/span>4. \u0413\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u044f \u043e\u0442\u0447\u0451\u0442\u043e\u0432 \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u0444\u043e\u0440\u043c\u0430\u0442\u0430\u0445<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"json-%D0%B4%D0%BB%D1%8F-%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B9-%D0%BE%D0%B1%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B8\"><span class=\"ez-toc-section\" id=\"JSON_%D0%B4%D0%BB%D1%8F_%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B9_%D0%BE%D0%B1%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B8\"><\/span>JSON (\u0434\u043b\u044f \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438)<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>trivy image --format json -o report.json nginx:latest\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"sarif-%D0%B4%D0%BB%D1%8F-github-advanced-security\"><span class=\"ez-toc-section\" id=\"SARIF_%D0%B4%D0%BB%D1%8F_GitHub_Advanced_Security\"><\/span>SARIF (\u0434\u043b\u044f GitHub Advanced Security)<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>trivy image --format sarif -o trivy.sarif myapp:latest\n<\/code><\/pre>\n\n\n\n<p>\u0417\u0430\u0442\u0435\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u0435 \u0432 GitHub. API code scanning \u043e\u0436\u0438\u0434\u0430\u0435\u0442 \u0432 \u043f\u043e\u043b\u0435 <code>sarif<\/code> \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u0444\u0430\u0439\u043b\u0430, \u0441\u0436\u0430\u0442\u043e\u0435 gzip \u0438 \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0432 Base64:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>gh api repos\/yourorg\/yourrepo\/code-scanning\/sarifs \\\n  -X POST \\\n  -f commit_sha=$(git rev-parse HEAD) \\\n  -f ref=refs\/heads\/main \\\n  -f sarif=@trivy.sarif\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" 
id=\"cyclonedx-%D0%B4%D0%BB%D1%8F-sbom\"><span class=\"ez-toc-section\" id=\"CycloneDX_%D0%B4%D0%BB%D1%8F_SBOM\"><\/span>CycloneDX (\u0434\u043b\u044f SBOM)<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>trivy image --format cyclonedx -o sbom.json nginx:latest\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"html-%D0%B4%D0%BB%D1%8F-%D0%B2%D0%B8%D0%B7%D1%83%D0%B0%D0%BB%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8\"><span class=\"ez-toc-section\" id=\"HTML_%D0%B4%D0%BB%D1%8F_%D0%B2%D0%B8%D0%B7%D1%83%D0%B0%D0%BB%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8\"><\/span>HTML (\u0434\u043b\u044f \u0432\u0438\u0437\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438)<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>trivy image --format template --template \"@contrib\/html.tpl\" -o report.html nginx:latest\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"5-%D0%BD%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0-%D0%BA%D1%8D%D1%88%D0%B0-%D0%B8-%D0%BF%D1%80%D0%BE%D0%BA%D1%81%D0%B8\"><span class=\"ez-toc-section\" id=\"5_%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0_%D0%BA%D1%8D%D1%88%D0%B0_%D0%B8_%D0%BF%D1%80%D0%BE%D0%BA%D1%81%D0%B8\"><\/span>5. 
\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u043a\u044d\u0448\u0430 \u0438 \u043f\u0440\u043e\u043a\u0441\u0438<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"%D0%B8%D1%81%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5-%D0%BB%D0%BE%D0%BA%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B3%D0%BE-%D0%BA%D1%8D%D1%88%D0%B0\"><span class=\"ez-toc-section\" id=\"%D0%98%D1%81%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D0%BB%D0%BE%D0%BA%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B3%D0%BE_%D0%BA%D1%8D%D1%88%D0%B0\"><\/span>\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u044d\u0448\u0430<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u0423\u043a\u0430\u0437\u0430\u0442\u044c \u043a\u0430\u0441\u0442\u043e\u043c\u043d\u0443\u044e \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044e \u043a\u044d\u0448\u0430<\/em>\nexport TRIVY_CACHE_DIR=\/tmp\/trivy-cache\ntrivy image nginx:latest\n\n<em># \u0418\u043b\u0438 \u0447\u0435\u0440\u0435\u0437 \u0444\u043b\u0430\u0433<\/em>\ntrivy image --cache-dir \/tmp\/trivy-cache nginx:latest\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0-%D1%87%D0%B5%D1%80%D0%B5%D0%B7-%D0%BF%D1%80%D0%BE%D0%BA%D1%81%D0%B8\"><span class=\"ez-toc-section\" id=\"%D0%A0%D0%B0%D0%B1%D0%BE%D1%82%D0%B0_%D1%87%D0%B5%D1%80%D0%B5%D0%B7_%D0%BF%D1%80%D0%BE%D0%BA%D1%81%D0%B8\"><\/span>\u0420\u0430\u0431\u043e\u0442\u0430 \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u043e\u043a\u0441\u0438<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>export HTTP_PROXY=http:\/\/proxy.example.com:8080\nexport HTTPS_PROXY=http:\/\/proxy.example.com:8080\nexport NO_PROXY=localhost,127.0.0.1\n\ntrivy image nginx:latest\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" 
id=\"%D0%BE%D0%B1%D0%BD%D0%BE%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5-%D0%B1%D0%B0%D0%B7%D1%8B-%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85-%D0%B1%D0%B5%D0%B7-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F\"><span class=\"ez-toc-section\" id=\"%D0%9E%D0%B1%D0%BD%D0%BE%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5_%D0%B1%D0%B0%D0%B7%D1%8B_%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85_%D0%B1%D0%B5%D0%B7_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F\"><\/span>\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u0431\u0435\u0437 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u041e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0431\u0430\u0437\u0443 CVE<\/em>\ntrivy --download-db-only\n\n<em># \u0423\u043a\u0430\u0437\u0430\u0442\u044c \u043a\u0430\u0441\u0442\u043e\u043c\u043d\u044b\u0439 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a \u0431\u0430\u0437\u044b<\/em>\ntrivy --db-repository aquasecurity\/trivy-db image nginx:latest\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"6-%D0%B8%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5-%D0%BA%D0%BE%D0%BD%D0%BA%D1%80%D0%B5%D1%82%D0%BD%D1%8B%D1%85-%D1%83%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B5%D0%B9\"><span class=\"ez-toc-section\" id=\"6_%D0%98%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D0%BA%D0%BE%D0%BD%D0%BA%D1%80%D0%B5%D1%82%D0%BD%D1%8B%D1%85_%D1%83%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B5%D0%B9\"><\/span>6. 
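\u0418\u0433\u043d\u043e\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>\u0421\u043e\u0437\u0434\u0430\u0439\u0442\u0435 \u0444\u0430\u0439\u043b&nbsp;<code>.trivyignore<\/code>:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># \u0418\u0433\u043d\u043e\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u0443\u044e CVE\nCVE-2023-5678\n\n# \u0418\u0433\u043d\u043e\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0435\u043c\nCVE-2023-4807 # \u041b\u043e\u0436\u043d\u043e\u0435 \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u043d\u0438\u0435, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c \u0440\u0435\u043b\u0438\u0437\u0435\n<\/code><\/pre>\n\n\n\n<p>\u0417\u0430\u043f\u0438\u0441\u0438 \u0438\u0437 \u044d\u0442\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0438\u0441\u043a\u043b\u044e\u0447\u0430\u044e\u0442\u0441\u044f \u0438\u0437 \u043e\u0442\u0447\u0451\u0442\u0430 \u0438 \u043d\u0435 \u0432\u043b\u0438\u044f\u044e\u0442 \u043d\u0430 <code>--exit-code<\/code>, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043f\u0440\u0438\u0447\u0438\u043d\u0443 \u043a\u0430\u0436\u0434\u043e\u0433\u043e \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0441\u0442\u043e\u0438\u0442 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0432 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0438. Trivy \u0441\u0430\u043c \u0447\u0438\u0442\u0430\u0435\u0442 <code>.trivyignore<\/code> \u0438\u0437 \u0442\u0435\u043a\u0443\u0449\u0435\u0439 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438; \u0435\u0441\u043b\u0438 \u0444\u0430\u0439\u043b \u043b\u0435\u0436\u0438\u0442 \u0432 \u0434\u0440\u0443\u0433\u043e\u043c \u043c\u0435\u0441\u0442\u0435, \u0443\u043a\u0430\u0436\u0438\u0442\u0435 \u043f\u0443\u0442\u044c \u0444\u043b\u0430\u0433\u043e\u043c:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>trivy image --ignorefile .trivyignore nginx:latest\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"%D0%B8%D0%BD%D1%82%D0%B5%D0%B3%D1%80%D0%B0%D1%86%D0%B8%D1%8F-%D0%B2-cicd-github-actions-gitlab-ci-jenkins-%D0%B8%D0%BD%D1%82%D0%B5%D0%B3%D1%80%D0%B0%D1%86%D0%B8%D1%8F-%D0%B2-cicd\"><span class=\"ez-toc-section\" id=\"%D0%98%D0%BD%D1%82%D0%B5%D0%B3%D1%80%D0%B0%D1%86%D0%B8%D1%8F_%D0%B2_CICD_GitHub_Actions_GitLab_CI_Jenkins\"><\/span>\u0418\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044f \u0432 CI\/CD: GitHub Actions, GitLab CI, Jenkins<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"github-actions\"><span class=\"ez-toc-section\" id=\"GitHub_Actions\"><\/span>GitHub Actions<span 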
class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"%D0%B1%D0%B0%D0%B7%D0%BE%D0%B2%D1%8B%D0%B9-%D0%BF%D1%80%D0%B8%D0%BC%D0%B5%D1%80\"><span class=\"ez-toc-section\" id=\"%D0%91%D0%B0%D0%B7%D0%BE%D0%B2%D1%8B%D0%B9_%D0%BF%D1%80%D0%B8%D0%BC%D0%B5%D1%80\"><\/span>\u0411\u0430\u0437\u043e\u0432\u044b\u0439 \u043f\u0440\u0438\u043c\u0435\u0440<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>name: Security Scan\n\non:\n  push:\n    branches: &#91; main, develop ]\n  pull_request:\n    branches: &#91; main ]\n\njobs:\n  trivy-scan:\n    runs-on: ubuntu-latest\n    permissions:\n      contents: read\n      security-events: write\n    \n    steps:\n      - name: Checkout code\n        uses: actions\/checkout@v4\n      \n      - name: Build Docker image\n        run: |\n          docker build -t myapp:${{ github.sha }} .\n      \n      - name: Run Trivy vulnerability scanner\n        uses: aquasecurity\/trivy-action@0.13.0\n        with:\n          image-ref: myapp:${{ github.sha }}\n          format: 'sarif'\n          output: 'trivy-results.sarif'\n          severity: 'CRITICAL,HIGH'\n          exit-code: '1'\n      \n      - name: Upload Trivy results to GitHub Security\n        uses: github\/codeql-action\/upload-sarif@v2\n        with:\n          sarif_file: 'trivy-results.sarif'\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"%D0%BF%D1%80%D0%BE%D0%B4%D0%B2%D0%B8%D0%BD%D1%83%D1%82%D1%8B%D0%B9-%D0%BF%D1%80%D0%B8%D0%BC%D0%B5%D1%80-%D1%81-%D0%BA%D1%8D%D1%88%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%D0%BC\"><span class=\"ez-toc-section\" id=\"%D0%9F%D1%80%D0%BE%D0%B4%D0%B2%D0%B8%D0%BD%D1%83%D1%82%D1%8B%D0%B9_%D0%BF%D1%80%D0%B8%D0%BC%D0%B5%D1%80_%D1%81_%D0%BA%D1%8D%D1%88%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%D0%BC\"><\/span>\u041f\u0440\u043e\u0434\u0432\u0438\u043d\u0443\u0442\u044b\u0439 \u043f\u0440\u0438\u043c\u0435\u0440 \u0441 
\u043a\u044d\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>name: Security Scan\n\non:\n  push:\n    branches: &#91; main ]\n  schedule:\n    - cron: '0 0 * * *'  <em># \u0415\u0436\u0435\u0434\u043d\u0435\u0432\u043d\u043e \u0432 \u043f\u043e\u043b\u043d\u043e\u0447\u044c<\/em>\n\njobs:\n  trivy-scan:\n    runs-on: ubuntu-latest\n    \n    steps:\n      - name: Checkout code\n        uses: actions\/checkout@v4\n      \n      - name: Set up Docker Buildx\n        uses: docker\/setup-buildx-action@v3\n      \n      - name: Build Docker image\n        uses: docker\/build-push-action@v5\n        with:\n          context: .\n          push: false\n          tags: myapp:${{ github.sha }}\n          cache-from: type=gha\n          cache-to: type=gha,mode=max\n      \n      - name: Cache Trivy DB\n        uses: actions\/cache@v3\n        with:\n          path: ~\/.cache\/trivy\n          key: trivy-db-${{ runner.os }}\n          restore-keys: |\n            trivy-db-${{ runner.os }}\n      \n      - name: Run Trivy scanner\n        uses: aquasecurity\/trivy-action@0.13.0\n        with:\n          image-ref: myapp:${{ github.sha }}\n          format: 'table'\n          severity: 'CRITICAL,HIGH'\n          exit-code: '1'\n          cache-dir: ~\/.cache\/trivy\n      \n      - name: Generate HTML report\n        if: failure()\n        uses: aquasecurity\/trivy-action@0.13.0\n        with:\n          image-ref: myapp:${{ github.sha }}\n          format: 'template'\n          template: '@contrib\/html.tpl'\n          output: 'trivy-report.html'\n      \n      - name: Upload HTML report\n        if: failure()\n        uses: actions\/upload-artifact@v3\n        with:\n          name: trivy-report\n          path: trivy-report.html\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"gitlab-ci\"><span class=\"ez-toc-section\" id=\"GitLab_CI\"><\/span>GitLab CI<span 
class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>stages:\n  - build\n  - security\n\nvariables:\n  TRIVY_VERSION: \"latest\"\n  DOCKER_DRIVER: overlay2\n  DOCKER_TLS_CERTDIR: \"\/certs\"\n\nbuild:\n  stage: build\n  image: docker:24\n  services:\n    - docker:24-dind\n  before_script:\n    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY\n  script:\n    - docker build -t $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA .\n    - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA\n\ntrivy-scan:\n  stage: security\n  image: aquasec\/trivy:latest\n  script:\n    - trivy image --exit-code 1 --severity HIGH,CRITICAL $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA\n  only:\n    - main\n    - merge_requests\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"jenkins\"><span class=\"ez-toc-section\" id=\"Jenkins\"><\/span>Jenkins<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>pipeline {\n    agent any\n    \n    environment {\n        TRIVY_CACHE_DIR = \"${WORKSPACE}\/.trivy-cache\"\n    }\n    \n    stages {\n        stage('Build') {\n            steps {\n                sh 'docker build -t myapp:${BUILD_NUMBER} .'\n            }\n        }\n        \n        stage('Security Scan') {\n            steps {\n                sh '''\n                    docker run --rm \\\n                        -v \/var\/run\/docker.sock:\/var\/run\/docker.sock \\\n                        -v ${TRIVY_CACHE_DIR}:\/root\/.cache\/trivy \\\n                        aquasec\/trivy:latest \\\n                        image --exit-code 1 --severity HIGH,CRITICAL \\\n                        myapp:${BUILD_NUMBER}\n                '''\n            }\n        }\n        \n        stage('Publish Report') {\n            when {\n                anyOf {\n                    branch 'main'\n                    branch 'develop'\n                }\n            }\n            steps {\n                sh '''\n                    docker 
run --rm \\\n                        -v \/var\/run\/docker.sock:\/var\/run\/docker.sock \\\n                        -v ${TRIVY_CACHE_DIR}:\/root\/.cache\/trivy \\\n                        -v ${WORKSPACE}:\/workspace \\\n                        aquasec\/trivy:latest \\\n                        image --format template --template \"@contrib\/html.tpl\" \\\n                        -o \/workspace\/trivy-report.html \\\n                        myapp:${BUILD_NUMBER}\n                '''\n                publishHTML(&#91;\n                    reportName: 'Trivy Security Report',\n                    reportDir: '.',\n                    reportFiles: 'trivy-report.html',\n                    keepAll: true\n                ])\n            }\n        }\n    }\n}\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"azure-devops\"><span class=\"ez-toc-section\" id=\"Azure_DevOps\"><\/span>Azure DevOps<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>trigger:\n  branches:\n    include:\n      - main\n\npool:\n  vmImage: 'ubuntu-latest'\n\nsteps:\n  - task: Docker@2\n    displayName: 'Build Docker image'\n    inputs:\n      command: 'build'\n      repository: 'myapp'\n      tags: '$(Build.BuildId)'\n  \n  - script: |\n      docker run --rm \\\n        -v \/var\/run\/docker.sock:\/var\/run\/docker.sock \\\n        aquasec\/trivy:latest \\\n        image --exit-code 1 --severity HIGH,CRITICAL \\\n        myapp:$(Build.BuildId)\n    displayName: 'Run Trivy scan'\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"%D0%BF%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5-%D0%BF%D1%80%D0%B8%D0%BC%D0%B5%D1%80%D1%8B-%D0%B8-%D0%BA%D0%B5%D0%B9%D1%81%D1%8B-%D0%BF%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5-%D0%BF%D1%80%D0%B8%D0%BC%D0%B5%D1%80%D1%8B\"><span class=\"ez-toc-section\" 
id=\"%D0%9F%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5_%D0%BF%D1%80%D0%B8%D0%BC%D0%B5%D1%80%D1%8B_%D0%B8_%D0%BA%D0%B5%D0%B9%D1%81%D1%8B\"><\/span>\u041f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u0440\u0438\u043c\u0435\u0440\u044b \u0438 \u043a\u0435\u0439\u0441\u044b<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D0%BF%D1%80%D0%B8%D0%BC%D0%B5%D1%80-1-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5-%D0%BF%D0%B5%D1%80%D0%B5%D0%B4-%D0%B4%D0%B5%D0%BF%D0%BB%D0%BE%D0%B5%D0%BC\"><span class=\"ez-toc-section\" id=\"%D0%9F%D1%80%D0%B8%D0%BC%D0%B5%D1%80_1_%D0%A1%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D0%BF%D0%B5%D1%80%D0%B5%D0%B4_%D0%B4%D0%B5%D0%BF%D0%BB%D0%BE%D0%B5%D0%BC\"><\/span>\u041f\u0440\u0438\u043c\u0435\u0440 1: \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0435\u0440\u0435\u0434 \u0434\u0435\u043f\u043b\u043e\u0435\u043c<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>#!\/bin\/bash\n<em># deploy-with-scan.sh<\/em>\n\nIMAGE=\"myapp:latest\"\nTHRESHOLD=\"HIGH\"\n\necho \"\ud83d\udd0d \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043e\u0431\u0440\u0430\u0437\u0430 $IMAGE...\"\n\n<em># \u0421\u043a\u0430\u043d\u0438\u0440\u0443\u0435\u043c \u043e\u0431\u0440\u0430\u0437<\/em>\ntrivy image --exit-code 1 --severity $THRESHOLD,CRITICAL $IMAGE\n\nif &#91; $? 
-eq 0 ]; then\n    echo \"\u2705 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0435 \u043d\u0430\u0439\u0434\u0435\u043d\u043e, \u0434\u0435\u043f\u043b\u043e\u0438\u043c...\"\n    docker push $IMAGE\n    kubectl set image deployment\/myapp app=$IMAGE\nelse\n    echo \"\u274c \u041d\u0430\u0439\u0434\u0435\u043d\u044b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0434\u0435\u043f\u043b\u043e\u0439 \u043e\u0442\u043c\u0435\u043d\u0451\u043d\"\n    exit 1\nfi\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D0%BF%D1%80%D0%B8%D0%BC%D0%B5%D1%80-2-%D0%B5%D0%B6%D0%B5%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D1%8B%D0%B9-%D0%BC%D0%BE%D0%BD%D0%B8%D1%82%D0%BE%D1%80%D0%B8%D0%BD%D0%B3\"><span class=\"ez-toc-section\" id=\"%D0%9F%D1%80%D0%B8%D0%BC%D0%B5%D1%80_2_%D0%95%D0%B6%D0%B5%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D1%8B%D0%B9_%D0%BC%D0%BE%D0%BD%D0%B8%D1%82%D0%BE%D1%80%D0%B8%D0%BD%D0%B3\"><\/span>\u041f\u0440\u0438\u043c\u0435\u0440 2: \u0415\u0436\u0435\u0434\u043d\u0435\u0432\u043d\u044b\u0439 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>#!\/bin\/bash\n<em># daily-scan.sh<\/em>\n\nIMAGES=(\n    \"nginx:latest\"\n    \"postgres:15\"\n    \"redis:7\"\n    \"myapp:latest\"\n)\n\nfor image in \"${IMAGES&#91;@]}\"; do\n    echo \"\u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 $image...\"\n    trivy image --format json -o \"reports\/${image\/\/\\\/\/_}.json\" $image\ndone\n\n<em># \u041e\u0442\u043f\u0440\u0430\u0432\u043a\u0430 \u043e\u0442\u0447\u0451\u0442\u0430 \u0432 Slack<\/em>\ncurl -X POST -H 'Content-type: application\/json' \\\n  --data \"{\\\"text\\\":\\\"\u0415\u0436\u0435\u0434\u043d\u0435\u0432\u043d\u044b\u0439 \u043e\u0442\u0447\u0451\u0442 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 
\u0433\u043e\u0442\u043e\u0432\\\"}\" \\\n  $SLACK_WEBHOOK_URL\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D0%BF%D1%80%D0%B8%D0%BC%D0%B5%D1%80-3-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5-%D0%B2%D1%81%D0%B5%D1%85-%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2-%D0%B2-registry\"><span class=\"ez-toc-section\" id=\"%D0%9F%D1%80%D0%B8%D0%BC%D0%B5%D1%80_3_%D0%A1%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D0%B2%D1%81%D0%B5%D1%85_%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2_%D0%B2_registry\"><\/span>\u041f\u0440\u0438\u043c\u0435\u0440 3: \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0441\u0435\u0445 \u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 registry<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>#!\/bin\/bash\n<em># scan-registry.sh<\/em>\n\nREGISTRY=\"registry.example.com\"\nPROJECT=\"myproject\"\n\n<em># \u041f\u043e\u043b\u0443\u0447\u0430\u0435\u043c \u0441\u043f\u0438\u0441\u043e\u043a \u0432\u0441\u0435\u0445 \u0442\u0435\u0433\u043e\u0432<\/em>\nTAGS=$(curl -s \"https:\/\/$REGISTRY\/v2\/$PROJECT\/tags\/list\" | jq -r '.tags&#91;]')\n\nfor tag in $TAGS; do\n    echo \"\u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 $REGISTRY\/$PROJECT:$tag...\"\n    trivy image --format json \\\n        -o \"reports\/${PROJECT}_${tag}.json\" \\\n        \"$REGISTRY\/$PROJECT:$tag\"\ndone\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D0%BF%D1%80%D0%B8%D0%BC%D0%B5%D1%80-4-%D0%B8%D0%BD%D1%82%D0%B5%D0%B3%D1%80%D0%B0%D1%86%D0%B8%D1%8F-%D1%81-%D0%BC%D0%BE%D0%BD%D0%B8%D1%82%D0%BE%D1%80%D0%B8%D0%BD%D0%B3%D0%BE%D0%BC\"><span class=\"ez-toc-section\" id=\"%D0%9F%D1%80%D0%B8%D0%BC%D0%B5%D1%80_4_%D0%98%D0%BD%D1%82%D0%B5%D0%B3%D1%80%D0%B0%D1%86%D0%B8%D1%8F_%D1%81_%D0%BC%D0%BE%D0%BD%D0%B8%D1%82%D0%BE%D1%80%D0%B8%D0%BD%D0%B3%D0%BE%D0%BC\"><\/span>\u041f\u0440\u0438\u043c\u0435\u0440 4: 
\u0418\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044f \u0441 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u043e\u043c<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code><em># trivy_monitor.py<\/em>\nimport subprocess\nimport json\nimport requests\n\ndef scan_image(image_name):\n    \"\"\"\u0421\u043a\u0430\u043d\u0438\u0440\u0443\u0435\u0442 \u043e\u0431\u0440\u0430\u0437 \u0438 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b\"\"\"\n    result = subprocess.run(\n        &#91;'trivy', 'image', '--format', 'json', image_name],\n        capture_output=True,\n        text=True\n    )\n    return json.loads(result.stdout)\n\ndef check_critical_vulnerabilities(scan_result):\n    \"\"\"\u041f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\"\"\"\n    for result in scan_result:\n        for vuln in result.get('Vulnerabilities', &#91;]):\n            if vuln.get('Severity') == 'CRITICAL':\n                return True\n    return False\n\ndef send_alert(message):\n    \"\"\"\u041e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0430\u043b\u0435\u0440\u0442 \u0432 Telegram\"\"\"\n    bot_token = \"YOUR_BOT_TOKEN\"\n    chat_id = \"YOUR_CHAT_ID\"\n    url = f\"https:\/\/api.telegram.org\/bot{bot_token}\/sendMessage\"\n    requests.post(url, json={'chat_id': chat_id, 'text': message})\n\n<em># \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435<\/em>\nif __name__ == \"__main__\":\n    result = scan_image(\"myapp:latest\")\n    if check_critical_vulnerabilities(result):\n        send_alert(\"\ud83d\udea8 \u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 myapp:latest!\")\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"%D0%BE%D0%BF%D1%82%D0%B8%D0%BC%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F-%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8-%D0%BE%D0%BF%D1%82%D0%B8%D0%BC%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F-%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8\"><span class=\"ez-toc-section\" id=\"%D0%9E%D0%BF%D1%82%D0%B8%D0%BC%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F_%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8\"><\/span>\u041e\u043f\u0442\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"1-%D0%B8%D1%81%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5-%D0%BA%D1%8D%D1%88%D0%B0\"><span class=\"ez-toc-section\" id=\"1_%D0%98%D1%81%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D0%BA%D1%8D%D1%88%D0%B0\"><\/span>1. 
\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u044d\u0448\u0430<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u0421\u043e\u0437\u0434\u0430\u0442\u044c \u043e\u0431\u0449\u0438\u0439 \u043a\u044d\u0448 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0439<\/em>\nexport TRIVY_CACHE_DIR=\/shared\/trivy-cache\n\n<em># \u0412 CI\/CD \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043a\u044d\u0448 \u043c\u0435\u0436\u0434\u0443 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u043c\u0438<\/em>\n<em># GitHub Actions<\/em>\n- uses: actions\/cache@v3\n  with:\n    path: ~\/.cache\/trivy\n    key: trivy-db-${{ runner.os }}\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"2-%D0%BF%D0%B0%D1%80%D0%B0%D0%BB%D0%BB%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5\"><span class=\"ez-toc-section\" id=\"2_%D0%9F%D0%B0%D1%80%D0%B0%D0%BB%D0%BB%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5\"><\/span>2. 
\u041f\u0430\u0440\u0430\u043b\u043b\u0435\u043b\u044c\u043d\u043e\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u043f\u0430\u0440\u0430\u043b\u043b\u0435\u043b\u044c\u043d\u043e<\/em>\nparallel -j 4 trivy image ::: image1:latest image2:latest image3:latest image4:latest\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"3-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5-%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE-%D0%B8%D0%B7%D0%BC%D0%B5%D0%BD%D1%91%D0%BD%D0%BD%D1%8B%D1%85-%D1%81%D0%BB%D0%BE%D1%91%D0%B2\"><span class=\"ez-toc-section\" id=\"3_%D0%A1%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE_%D0%B8%D0%B7%D0%BC%D0%B5%D0%BD%D1%91%D0%BD%D0%BD%D1%8B%D1%85_%D1%81%D0%BB%D0%BE%D1%91%D0%B2\"><\/span>3. 
\u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0438\u0437\u043c\u0435\u043d\u0451\u043d\u043d\u044b\u0445 \u0441\u043b\u043e\u0451\u0432<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code><em># Trivy \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043a\u044d\u0448\u0438\u0440\u0443\u0435\u0442 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u0434\u043b\u044f \u0441\u043b\u043e\u0451\u0432<\/em>\n<em># \u041f\u0440\u0438 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u043c \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u043e\u0431\u0440\u0430\u0437\u0430 \u0441 \u0442\u0435\u043c\u0438 \u0436\u0435 \u0441\u043b\u043e\u044f\u043c\u0438 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442 \u0431\u0435\u0440\u0451\u0442\u0441\u044f \u0438\u0437 \u043a\u044d\u0448\u0430<\/em>\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"4-%D0%B8%D1%81%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5-%D0%BB%D0%BE%D0%BA%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B9-%D0%B1%D0%B0%D0%B7%D1%8B-%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85\"><span class=\"ez-toc-section\" id=\"4_%D0%98%D1%81%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5_%D0%BB%D0%BE%D0%BA%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B9_%D0%B1%D0%B0%D0%B7%D1%8B_%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85\"><\/span>4. 
\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u041e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0431\u0430\u0437\u0443 \u043e\u0434\u0438\u043d \u0440\u0430\u0437<\/em>\ntrivy --download-db-only\n\n<em># \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u0443\u044e \u0431\u0430\u0437\u0443 (\u0431\u044b\u0441\u0442\u0440\u0435\u0435, \u0447\u0435\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0438\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430)<\/em>\ntrivy image --skip-db-update nginx:latest\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"5-%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD%D0%B8%D0%B5-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D1%83%D0%B5%D0%BC%D1%8B%D1%85-%D0%BF%D0%B0%D0%BA%D0%B5%D1%82%D0%BD%D1%8B%D1%85-%D0%BC%D0%B5%D0%BD%D0%B5%D0%B4%D0%B6%D0%B5%D1%80%D0%BE%D0%B2\"><span class=\"ez-toc-section\" id=\"5_%D0%9E%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD%D0%B8%D0%B5_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D1%83%D0%B5%D0%BC%D1%8B%D1%85_%D0%BF%D0%B0%D0%BA%D0%B5%D1%82%D0%BD%D1%8B%D1%85_%D0%BC%D0%B5%D0%BD%D0%B5%D0%B4%D0%B6%D0%B5%D1%80%D0%BE%D0%B2\"><\/span>5. 
\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043d\u044b\u0445 \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u043e\u0432<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u0422\u043e\u043b\u044c\u043a\u043e \u0441\u043a\u0430\u043d\u0435\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0431\u0435\u0437 \u043f\u043e\u0438\u0441\u043a\u0430 \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432 (\u0431\u044b\u0441\u0442\u0440\u0435\u0435); OS-\u043f\u0430\u043a\u0435\u0442\u0430\u043c\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043d\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u0435\u0442\u0441\u044f<\/em>\ntrivy image --scanners vuln nginx:latest\n\n<em># \u0418\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432 (\u0435\u0441\u043b\u0438 \u043d\u0435 \u043d\u0443\u0436\u043d\u043e)<\/em>\ntrivy image --scanners vuln,config nginx:latest\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"%D1%87%D0%B0%D1%81%D1%82%D0%BE-%D0%B7%D0%B0%D0%B4%D0%B0%D0%B2%D0%B0%D0%B5%D0%BC%D1%8B%D0%B5-%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D1%8B-faq-faq\"><span class=\"ez-toc-section\" id=\"%D0%A7%D0%B0%D1%81%D1%82%D0%BE_%D0%B7%D0%B0%D0%B4%D0%B0%D0%B2%D0%B0%D0%B5%D0%BC%D1%8B%D0%B5_%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D1%8B_FAQ\"><\/span>\u0427\u0430\u0441\u0442\u043e \u0437\u0430\u0434\u0430\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u043e\u043f\u0440\u043e\u0441\u044b (FAQ)<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"q1-%D0%BA%D0%B0%D0%BA-%D1%87%D0%B0%D1%81%D1%82%D0%BE-%D0%BD%D1%83%D0%B6%D0%BD%D0%BE-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C-%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D1%8B\"><span class=\"ez-toc-section\" 
id=\"Q1_%D0%9A%D0%B0%D0%BA_%D1%87%D0%B0%D1%81%D1%82%D0%BE_%D0%BD%D1%83%D0%B6%D0%BD%D0%BE_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C_%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D1%8B\"><\/span>Q1: \u041a\u0430\u043a \u0447\u0430\u0441\u0442\u043e \u043d\u0443\u0436\u043d\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043e\u0431\u0440\u0430\u0437\u044b?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><strong>\u041e\u0442\u0432\u0435\u0442:<\/strong>&nbsp;\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\u041f\u0440\u0438 \u043a\u0430\u0436\u0434\u043e\u043c \u043a\u043e\u043c\u043c\u0438\u0442\u0435<\/strong>\u00a0\u2014 \u0432 CI\/CD pipeline<\/li>\n\n\n\n<li><strong>\u0415\u0436\u0435\u0434\u043d\u0435\u0432\u043d\u043e<\/strong>\u00a0\u2014 \u0434\u043b\u044f production-\u043e\u0431\u0440\u0430\u0437\u043e\u0432<\/li>\n\n\n\n<li><strong>\u0415\u0436\u0435\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u043e<\/strong>\u00a0\u2014 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 registry<\/li>\n<\/ul>\n\n\n\n<p>\u0411\u0430\u0437\u0430 \u0434\u0430\u043d\u043d\u044b\u0445 CVE \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0435\u0436\u0435\u0434\u043d\u0435\u0432\u043d\u043e, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u0430\u0436\u043d\u043e \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"q2-trivy-%D0%BD%D0%B0%D1%85%D0%BE%D0%B4%D0%B8%D1%82-%D1%83%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B8-%D0%BD%D0%BE-%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9-%D0%BD%D0%B5%D1%82-%D1%87%D1%82%D0%BE-%D0%B4%D0%B5%D0%BB%D0%B0%D1%82%D1%8C\"><span class=\"ez-toc-section\" 
id=\"Q2_Trivy_%D0%BD%D0%B0%D1%85%D0%BE%D0%B4%D0%B8%D1%82_%D1%83%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B8_%D0%BD%D0%BE_%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9_%D0%BD%D0%B5%D1%82_%D0%A7%D1%82%D0%BE_%D0%B4%D0%B5%D0%BB%D0%B0%D1%82%D1%8C\"><\/span>Q2: Trivy \u043d\u0430\u0445\u043e\u0434\u0438\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u043d\u0435\u0442. \u0427\u0442\u043e \u0434\u0435\u043b\u0430\u0442\u044c?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><strong>\u041e\u0442\u0432\u0435\u0442:<\/strong>&nbsp;\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 \u0444\u043b\u0430\u0433&nbsp;<code>--ignore-unfixed<\/code>&nbsp;\u0434\u043b\u044f \u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0442\u0430\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043e\u0442\u0447\u0451\u0442\u0430\u0445, \u043d\u043e \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0439\u0442\u0435 \u0438\u0445 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e. 
\u041a\u043e\u0433\u0434\u0430 \u043f\u043e\u044f\u0432\u0438\u0442\u0441\u044f \u043f\u0430\u0442\u0447, Trivy \u043f\u043e\u043a\u0430\u0436\u0435\u0442 \u0435\u0433\u043e \u0432 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f\u0445.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"q3-%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE-%D0%BB%D0%B8-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C-%D0%BF%D1%80%D0%B8%D0%B2%D0%B0%D1%82%D0%BD%D1%8B%D0%B5-registry\"><span class=\"ez-toc-section\" id=\"Q3_%D0%9C%D0%BE%D0%B6%D0%BD%D0%BE_%D0%BB%D0%B8_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C_%D0%BF%D1%80%D0%B8%D0%B2%D0%B0%D1%82%D0%BD%D1%8B%D0%B5_registry\"><\/span>Q3: \u041c\u043e\u0436\u043d\u043e \u043b\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u044b\u0435 registry?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><strong>\u041e\u0442\u0432\u0435\u0442:<\/strong>&nbsp;\u0414\u0430, Trivy \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em># Docker Hub<\/em>\ndocker login\ntrivy image username\/image:tag\n\n<em># AWS ECR<\/em>\naws ecr get-login-password | docker login --username AWS --password-stdin &lt;account-id&gt;.dkr.ecr.&lt;region&gt;.amazonaws.com\ntrivy image &lt;account-id&gt;.dkr.ecr.&lt;region&gt;.amazonaws.com\/image:tag\n\n<em># Google Container Registry<\/em>\ngcloud auth configure-docker\ntrivy image gcr.io\/project\/image:tag\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"q4-%D0%BA%D0%B0%D0%BA-%D0%B8%D0%BD%D1%82%D0%B5%D0%B3%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C-trivy-%D1%81-jiraslack\"><span class=\"ez-toc-section\" 
id=\"Q4_%D0%9A%D0%B0%D0%BA_%D0%B8%D0%BD%D1%82%D0%B5%D0%B3%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C_Trivy_%D1%81_JiraSlack\"><\/span>Q4: \u041a\u0430\u043a \u0438\u043d\u0442\u0435\u0433\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c Trivy \u0441 Jira\/Slack?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><strong>\u041e\u0442\u0432\u0435\u0442:<\/strong>&nbsp;\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 JSON-\u0444\u043e\u0440\u043c\u0430\u0442 \u0438 \u043f\u0430\u0440\u0441\u0438\u0442\u0435 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u0413\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u044f JSON<\/em>\ntrivy image --format json -o report.json myapp:latest\n\n<em># \u041f\u0430\u0440\u0441\u0438\u043d\u0433 \u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0430 \u0432 Slack<\/em>\njq -r '.Vulnerabilities&#91;] | select(.Severity==\"CRITICAL\") | \"\\(.VulnerabilityID): \\(.Title)\"' report.json | \\\n  while read vuln; do\n    curl -X POST -H 'Content-type: application\/json' \\\n      --data \"{\\\"text\\\":\\\"\ud83d\udea8 $vuln\\\"}\" \\\n      $SLACK_WEBHOOK_URL\n  done\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"q5-trivy-%D0%BC%D0%B5%D0%B4%D0%BB%D0%B5%D0%BD%D0%BD%D0%BE-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D1%83%D0%B5%D1%82-%D0%B1%D0%BE%D0%BB%D1%8C%D1%88%D0%B8%D0%B5-%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D1%8B-%D0%BA%D0%B0%D0%BA-%D1%83%D1%81%D0%BA%D0%BE%D1%80%D0%B8%D1%82%D1%8C\"><span class=\"ez-toc-section\" id=\"Q5_Trivy_%D0%BC%D0%B5%D0%B4%D0%BB%D0%B5%D0%BD%D0%BD%D0%BE_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D1%83%D0%B5%D1%82_%D0%B1%D0%BE%D0%BB%D1%8C%D1%88%D0%B8%D0%B5_%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D1%8B_%D0%9A%D0%B0%D0%BA_%D1%83%D1%81%D0%BA%D0%BE%D1%80%D0%B8%D1%82%D1%8C\"><\/span>Q5: Trivy \u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0438\u0435 
\u043e\u0431\u0440\u0430\u0437\u044b. \u041a\u0430\u043a \u0443\u0441\u043a\u043e\u0440\u0438\u0442\u044c?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><strong>\u041e\u0442\u0432\u0435\u0442:<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 \u043a\u044d\u0448:\u00a0<code>--cache-dir \/fast\/ssd\/trivy-cache<\/code><\/li>\n\n\n\n<li>\u041e\u0441\u0442\u0430\u0432\u044c\u0442\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u043a\u0430\u043d\u0435\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (\u0431\u0435\u0437 \u043f\u043e\u0438\u0441\u043a\u0430 \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432; \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043d\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u0435\u0442\u0441\u044f OS-\u043f\u0430\u043a\u0435\u0442\u0430\u043c\u0438):\u00a0<code>--scanners vuln<\/code><\/li>\n\n\n\n<li>\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 \u0431\u043e\u043b\u0435\u0435 \u0431\u044b\u0441\u0442\u0440\u044b\u0439 \u0434\u0438\u0441\u043a \u0434\u043b\u044f \u043a\u044d\u0448\u0430<\/li>\n\n\n\n<li>\u0420\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0438\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 Trivy \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 server (Trivy Server)<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"q6-%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE-%D0%BB%D0%B8-%D0%B8%D1%81%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D1%8C-trivy-%D0%B4%D0%BB%D1%8F-compliance-%D1%81%D0%BE%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D1%81%D1%82%D0%B2%D0%B8%D1%8F-%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D0%B0%D0%BC\"><span class=\"ez-toc-section\" id=\"Q6_%D0%9C%D0%BE%D0%B6%D0%BD%D0%BE_%D0%BB%D0%B8_%D0%B8%D1%81%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D1%8C_Trivy_%D0%B4%D0%BB%D1%8F_compliance_%D1%81%D0%BE%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D1%81%D1%82%D0%B2%D0%B8%D1%8F_%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D0%B0%D0%BC\"><\/span>Q6: \u041c\u043e\u0436\u043d\u043e \u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Trivy \u0434\u043b\u044f compliance (\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u044f 
\u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0430\u043c)?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><strong>\u041e\u0442\u0432\u0435\u0442:<\/strong>&nbsp;\u0414\u0430, Trivy \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u0447\u0435\u0440\u0435\u0437 Rego (Open Policy Agent):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430\u043c\u0438<\/em>\ntrivy config --policy .\/policies\/ .\/k8s\/\n<\/code><\/pre>\n\n\n\n<p>\u0421\u043e\u0437\u0434\u0430\u0439\u0442\u0435 \u0444\u0430\u0439\u043b \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438&nbsp;<code>policies\/deny-root.rego<\/code>:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>package trivy\n\ndeny&#91;msg] {\n    input.kind == \"Deployment\"\n    not input.spec.template.spec.securityContext.runAsNonRoot\n    msg := \"Deployment must run as non-root user\"\n}\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"q7-%D0%BA%D0%B0%D0%BA-%D1%81%D1%80%D0%B0%D0%B2%D0%BD%D0%B8%D1%82%D1%8C-%D1%80%D0%B5%D0%B7%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%82%D1%8B-%D0%B4%D0%B2%D1%83%D1%85-%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B9\"><span class=\"ez-toc-section\" id=\"Q7_%D0%9A%D0%B0%D0%BA_%D1%81%D1%80%D0%B0%D0%B2%D0%BD%D0%B8%D1%82%D1%8C_%D1%80%D0%B5%D0%B7%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%82%D1%8B_%D0%B4%D0%B2%D1%83%D1%85_%D1%81%D0%BA%D0%B0%D0%BD%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B9\"><\/span>Q7: \u041a\u0430\u043a \u0441\u0440\u0430\u0432\u043d\u0438\u0442\u044c \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u0434\u0432\u0443\u0445 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0439?<span 
class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><strong>\u041e\u0442\u0432\u0435\u0442:<\/strong>&nbsp;\u0421\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0435 \u043e\u0431\u0430 \u043e\u0442\u0447\u0451\u0442\u0430 \u0432 JSON \u0438 \u0441\u0440\u0430\u0432\u043d\u0438\u0442\u0435 \u0438\u0445 \u0443\u0442\u0438\u043b\u0438\u0442\u043e\u0439 diff:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><em># \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0432\u0430 \u043e\u0431\u0440\u0430\u0437\u0430 \u0438 \u0441\u0440\u0430\u0432\u043d\u0438\u0442\u044c<\/em>\ntrivy image --format json -o old.json old-image:tag\ntrivy image --format json -o new.json new-image:tag\n\n<em># \u0421\u0440\u0430\u0432\u043d\u0438\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e jq<\/em>\ndiff &lt;(jq -S . old.json) &lt;(jq -S . new.json)\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"q8-trivy-%D0%BF%D0%BE%D0%BA%D0%B0%D0%B7%D1%8B%D0%B2%D0%B0%D0%B5%D1%82-%D0%BB%D0%BE%D0%B6%D0%BD%D1%8B%D0%B5-%D1%81%D1%80%D0%B0%D0%B1%D0%B0%D1%82%D1%8B%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F-%D0%BA%D0%B0%D0%BA-%D0%B8%D1%85-%D0%B8%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C\"><span class=\"ez-toc-section\" id=\"Q8_Trivy_%D0%BF%D0%BE%D0%BA%D0%B0%D0%B7%D1%8B%D0%B2%D0%B0%D0%B5%D1%82_%D0%BB%D0%BE%D0%B6%D0%BD%D1%8B%D0%B5_%D1%81%D1%80%D0%B0%D0%B1%D0%B0%D1%82%D1%8B%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F_%D0%9A%D0%B0%D0%BA_%D0%B8%D1%85_%D0%B8%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C\"><\/span>Q8: Trivy \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043b\u043e\u0436\u043d\u044b\u0435 \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u043d\u0438\u044f. 
\u041a\u0430\u043a \u0438\u0445 \u0438\u0433\u043d\u043e\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><strong>\u041e\u0442\u0432\u0435\u0442:<\/strong>&nbsp;\u0421\u043e\u0437\u0434\u0430\u0439\u0442\u0435&nbsp;<code>.trivyignore<\/code>&nbsp;\u0444\u0430\u0439\u043b:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># \u041b\u043e\u0436\u043d\u043e\u0435 \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u0432 \u0442\u0435\u0441\u0442\u043e\u0432\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435\nCVE-2023-12345\n\n# \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043c\u0430 \u043a \u043d\u0430\u0448\u0435\u043c\u0443 use case\nCVE-2023-67890 # \u041d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 production\n<\/code><\/pre>\n\n\n\n<p>\u0418\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 \u0444\u043b\u0430\u0433:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>trivy image --ignorefile .trivyignore myapp:latest\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"%D0%B7%D0%B0%D0%BA%D0%BB%D1%8E%D1%87%D0%B5%D0%BD%D0%B8%D0%B5-%D0%B8-%D1%81%D0%BB%D0%B5%D0%B4%D1%83%D1%8E%D1%89%D0%B8%D0%B5-%D1%88%D0%B0%D0%B3%D0%B8-%D0%B7%D0%B0%D0%BA%D0%BB%D1%8E%D1%87%D0%B5%D0%BD%D0%B8%D0%B5\"><span class=\"ez-toc-section\" id=\"%D0%97%D0%B0%D0%BA%D0%BB%D1%8E%D1%87%D0%B5%D0%BD%D0%B8%D0%B5_%D0%B8_%D1%81%D0%BB%D0%B5%D0%B4%D1%83%D1%8E%D1%89%D0%B8%D0%B5_%D1%88%D0%B0%D0%B3%D0%B8\"><\/span>\u0417\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0448\u0430\u0433\u0438<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p><strong>Trivy<\/strong>&nbsp;\u2014 \u044d\u0442\u043e 
\u043c\u043e\u0449\u043d\u044b\u0439 \u0438 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Docker-\u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432. \u041e\u043d \u0441\u0442\u0430\u043b \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043e\u043c \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u2705\u00a0<strong>\u041f\u0440\u043e\u0441\u0442\u043e\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f<\/strong>\u00a0\u2014 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0438\u0437 \u043a\u043e\u0440\u043e\u0431\u043a\u0438<\/li>\n\n\n\n<li>\u2705\u00a0<strong>\u0411\u044b\u0441\u0442\u0440\u043e\u0442\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f<\/strong>\u00a0\u2014 \u0441\u0440\u0435\u0434\u043d\u0438\u0439 \u043e\u0431\u0440\u0430\u0437 \u0437\u0430 10-30 \u0441\u0435\u043a\u0443\u043d\u0434<\/li>\n\n\n\n<li>\u2705\u00a0<strong>\u0428\u0438\u0440\u043e\u043a\u043e\u043c\u0443 \u043e\u0445\u0432\u0430\u0442\u0443<\/strong>\u00a0\u2014 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 20+ \u043f\u0430\u043a\u0435\u0442\u043d\u044b\u0445 \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u043e\u0432<\/li>\n\n\n\n<li>\u2705\u00a0<strong>\u0410\u043a\u0442\u0438\u0432\u043d\u043e\u043c\u0443 \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044e<\/strong>\u00a0\u2014 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0431\u044b\u0441\u0442\u0440\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 
\u0431\u0430\u0433\u043e\u0432<\/li>\n\n\n\n<li>\u2705\u00a0<strong>\u0411\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u043e\u0441\u0442\u0438<\/strong>\u00a0\u2014 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e open-source<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D1%80%D0%B5%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D0%B4%D1%83%D0%B5%D0%BC%D1%8B%D0%B9-%D0%BF%D0%BB%D0%B0%D0%BD-%D0%B2%D0%BD%D0%B5%D0%B4%D1%80%D0%B5%D0%BD%D0%B8%D1%8F\"><span class=\"ez-toc-section\" id=\"%D0%A0%D0%B5%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D0%B4%D1%83%D0%B5%D0%BC%D1%8B%D0%B9_%D0%BF%D0%BB%D0%B0%D0%BD_%D0%B2%D0%BD%D0%B5%D0%B4%D1%80%D0%B5%D0%BD%D0%B8%D1%8F\"><\/span>\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c\u044b\u0439 \u043f\u043b\u0430\u043d \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u041d\u0435\u0434\u0435\u043b\u044f 1:<\/strong>\u00a0\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0435 Trivy \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e, \u043f\u0440\u043e\u0441\u043a\u0430\u043d\u0438\u0440\u0443\u0439\u0442\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0431\u0440\u0430\u0437\u044b<\/li>\n\n\n\n<li><strong>\u041d\u0435\u0434\u0435\u043b\u044f 2:<\/strong>\u00a0\u0418\u043d\u0442\u0435\u0433\u0440\u0438\u0440\u0443\u0439\u0442\u0435 \u0432 CI\/CD pipeline (\u043d\u0430\u0447\u043d\u0438\u0442\u0435 \u0441 warning-\u0440\u0435\u0436\u0438\u043c\u0430)<\/li>\n\n\n\n<li><strong>\u041d\u0435\u0434\u0435\u043b\u044f 3:<\/strong>\u00a0\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u0442\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0443 \u0434\u0435\u043f\u043b\u043e\u044f \u043f\u0440\u0438 CRITICAL-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445<\/li>\n\n\n\n<li><strong>\u041d\u0435\u0434\u0435\u043b\u044f 
4:<\/strong>\u00a0\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u0442\u0435 \u0435\u0436\u0435\u0434\u043d\u0435\u0432\u043d\u044b\u0435 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5-%D1%80%D0%B5%D1%81%D1%83%D1%80%D1%81%D1%8B\"><span class=\"ez-toc-section\" id=\"%D0%9F%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5_%D1%80%D0%B5%D1%81%D1%83%D1%80%D1%81%D1%8B\"><\/span>\u041f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\ud83d\udcda\u00a0<a href=\"https:\/\/aquasecurity.github.io\/trivy\/\">\u041e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u0430\u044f \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u044f Trivy<\/a><\/li>\n\n\n\n<li>\ud83d\udcac\u00a0<a href=\"https:\/\/github.com\/aquasecurity\/trivy\/discussions\">GitHub Discussions<\/a><\/li>\n\n\n\n<li>\ud83d\udc1b\u00a0<a href=\"https:\/\/github.com\/aquasecurity\/trivy\/issues\">Issue Tracker<\/a><\/li>\n\n\n\n<li>\ud83d\udcd6\u00a0<a href=\"https:\/\/www.aquasec.com\/blog\/\">Trivy Blog<\/a><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"%D1%81%D0%B2%D1%8F%D0%B7%D0%B0%D0%BD%D0%BD%D1%8B%D0%B5-%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8\"><span class=\"ez-toc-section\" id=\"%D0%A1%D0%B2%D1%8F%D0%B7%D0%B0%D0%BD%D0%BD%D1%8B%D0%B5_%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8\"><\/span>\u0421\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441\u0442\u0430\u0442\u044c\u0438<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/file+.vscode-resource.vscode-cdn.net\/blog\/docker-security-best-practices\">Docker Security Best Practices<\/a><\/li>\n\n\n\n<li><a 
href=\"https:\/\/file+.vscode-resource.vscode-cdn.net\/blog\/docker-cicd-setup\">\u041a\u0430\u043a \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c CI\/CD \u0434\u043b\u044f Docker<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/file+.vscode-resource.vscode-cdn.net\/blog\/kubernetes-security-scanning\">Kubernetes Security Scanning<\/a><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><strong>\u041e\u0441\u0442\u0430\u043b\u0438\u0441\u044c \u0432\u043e\u043f\u0440\u043e\u0441\u044b?<\/strong>\u00a0\u041f\u0438\u0448\u0438\u0442\u0435 \u0432 \u043d\u0430\u0448\u00a0<a href=\"https:\/\/t.me\/dockerhost\">Telegram-\u0447\u0430\u0442<\/a>\u00a0\u0438\u043b\u0438 \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0439\u0442\u0435 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0438 \u043d\u0438\u0436\u0435. \u041c\u044b \u043f\u043e\u043c\u043e\u0436\u0435\u043c \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c Trivy \u0434\u043b\u044f \u0432\u0430\u0448\u0435\u0433\u043e \u043f\u0440\u043e\u0435\u043a\u0442\u0430!<\/p>\n<\/blockquote>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Trivy&nbsp;\u2014 \u044d\u0442\u043e \u043c\u043e\u0449\u043d\u044b\u0439 open-source \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043e\u0442 Aqua Security, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u043a\u0443\u043d\u0434 \u043d\u0430\u0445\u043e\u0434\u0438\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Docker-\u043e\u0431\u0440\u0430\u0437\u0430\u0445, \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u0430\u0445 \u0438 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 \u043a\u043e\u0434\u0430. 
\u0412 \u044d\u0442\u043e\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u043c \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u0435 \u0440\u0430\u0437\u0431\u0435\u0440\u0451\u043c, \u043f\u043e\u0447\u0435\u043c\u0443 Trivy \u0441\u0442\u0430\u043b \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043e\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432, \u043a\u0430\u043a \u0435\u0433\u043e \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c, \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0438 \u0432\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0432 \u0432\u0430\u0448 CI\/CD pipeline. \u0427\u0442\u043e \u0442\u0430\u043a\u043e\u0435 Trivy \u0438 \u0437\u0430\u0447\u0435\u043c \u043e\u043d \u043d\u0443\u0436\u0435\u043d Trivy&nbsp;(\u043e\u0442 \u0430\u043d\u0433\u043b. 
&#171;trivial&#187; \u2014&hellip;&nbsp;<a href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/\" rel=\"bookmark\">\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435 &raquo;<span class=\"screen-reader-text\">Trivy \u2014 \u043f\u043e\u043b\u043d\u043e\u0435 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 2025 \u0433\u043e\u0434\u0443<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-3693","post","type-post","status-publish","format-standard","hentry","category-1"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v25.7.1 (Yoast SEO v25.7) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Trivy \u2014 \u043f\u043e\u043b\u043d\u043e\u0435 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 2025 \u0433\u043e\u0434\u0443 - DockerHosting.ru<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" 
href=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/\" \/>\n<meta property=\"og:locale\" content=\"ru_RU\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Trivy \u2014 \u043f\u043e\u043b\u043d\u043e\u0435 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 2025 \u0433\u043e\u0434\u0443\" \/>\n<meta property=\"og:description\" content=\"Trivy&nbsp;\u2014 \u044d\u0442\u043e \u043c\u043e\u0449\u043d\u044b\u0439 open-source \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043e\u0442 Aqua Security, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u043a\u0443\u043d\u0434 \u043d\u0430\u0445\u043e\u0434\u0438\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Docker-\u043e\u0431\u0440\u0430\u0437\u0430\u0445, \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u0430\u0445 \u0438 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 \u043a\u043e\u0434\u0430. 
\u0412 \u044d\u0442\u043e\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u043c \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u0435 \u0440\u0430\u0437\u0431\u0435\u0440\u0451\u043c, \u043f\u043e\u0447\u0435\u043c\u0443 Trivy \u0441\u0442\u0430\u043b \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043e\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432, \u043a\u0430\u043a \u0435\u0433\u043e \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c, \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0438 \u0432\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0432 \u0432\u0430\u0448 CI\/CD pipeline. \u0427\u0442\u043e \u0442\u0430\u043a\u043e\u0435 Trivy \u0438 \u0437\u0430\u0447\u0435\u043c \u043e\u043d \u043d\u0443\u0436\u0435\u043d Trivy&nbsp;(\u043e\u0442 \u0430\u043d\u0433\u043b. 
&#171;trivial&#187; \u2014&hellip;&nbsp;\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435 &raquo;Trivy \u2014 \u043f\u043e\u043b\u043d\u043e\u0435 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 2025 \u0433\u043e\u0434\u0443\" \/>\n<meta property=\"og:url\" content=\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/\" \/>\n<meta property=\"og:site_name\" content=\"DockerHosting.ru\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-05T05:05:32+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-12-05T05:05:35+00:00\" \/>\n<meta name=\"author\" content=\"\u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u041d\u0430\u043f\u0438\u0441\u0430\u043d\u043e \u0430\u0432\u0442\u043e\u0440\u043e\u043c\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u041f\u0440\u0438\u043c\u0435\u0440\u043d\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 \u043c\u0438\u043d\u0443\u0442\" \/>\n<script type=\"application\/ld+json\" 
class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/\"},\"author\":{\"name\":\"\u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440\",\"@id\":\"https:\/\/dockerhosting.ru\/blog\/#\/schema\/person\/065a7b9ff0b6c2ae566eb818352031b4\"},\"headline\":\"Trivy \u2014 \u043f\u043e\u043b\u043d\u043e\u0435 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 2025 \u0433\u043e\u0434\u0443\",\"datePublished\":\"2025-12-05T05:05:32+00:00\",\"dateModified\":\"2025-12-05T05:05:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/\"},\"wordCount\":1080,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/dockerhosting.ru\/blog\/#organization\"},\"inLanguage\":\"ru-RU\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/\",\"url\":\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/\",\"name\":\"Trivy \u2014 \u043f\u043e\u043b\u043d\u043e\u0435 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e 
\u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 2025 \u0433\u043e\u0434\u0443 - DockerHosting.ru\",\"isPartOf\":{\"@id\":\"https:\/\/dockerhosting.ru\/blog\/#website\"},\"datePublished\":\"2025-12-05T05:05:32+00:00\",\"dateModified\":\"2025-12-05T05:05:35+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#breadcrumb\"},\"inLanguage\":\"ru-RU\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u0413\u043b\u0430\u0432\u043d\u0430\u044f \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0430\",\"item\":\"https:\/\/dockerhosting.ru\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trivy \u2014 \u043f\u043e\u043b\u043d\u043e\u0435 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 2025 \u0433\u043e\u0434\u0443\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/dockerhosting.ru\/blog\/#website\",\"url\":\"https:\/\/dockerhosting.ru\/blog\/\",\"name\":\"\u0411\u043b\u043e\u0433 DockerHosting.ru\",\"description\":\"\u0411\u043b\u043e\u0433 \u0445\u043e\u0441\u0442\u0438\u043d\u0433-\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b 
DockerHosting.ru\",\"publisher\":{\"@id\":\"https:\/\/dockerhosting.ru\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/dockerhosting.ru\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"ru-RU\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/dockerhosting.ru\/blog\/#organization\",\"name\":\"DockerHosting.ru\",\"url\":\"https:\/\/dockerhosting.ru\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"ru-RU\",\"@id\":\"https:\/\/dockerhosting.ru\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/dockerhosting.ru\/blog\/wp-content\/uploads\/2024\/11\/cropped-dockerhosting_cl.png\",\"contentUrl\":\"https:\/\/dockerhosting.ru\/blog\/wp-content\/uploads\/2024\/11\/cropped-dockerhosting_cl.png\",\"width\":200,\"height\":36,\"caption\":\"DockerHosting.ru\"},\"image\":{\"@id\":\"https:\/\/dockerhosting.ru\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/dockerhosting.ru\/blog\/#\/schema\/person\/065a7b9ff0b6c2ae566eb818352031b4\",\"name\":\"\u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"ru-RU\",\"@id\":\"https:\/\/dockerhosting.ru\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/2691b71be8ab410fdd0c9e486970ee8d7ed141139a26f7753ca3ddf5a369bae0?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/2691b71be8ab410fdd0c9e486970ee8d7ed141139a26f7753ca3ddf5a369bae0?s=96&d=mm&r=g\",\"caption\":\"\u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440\"},\"sameAs\":[\"https:\/\/dockerhosting.ru\/blog\"],\"url\":\"https:\/\/dockerhosting.ru\/blog\/author\/aleks\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. 
-->","yoast_head_json":{"title":"Trivy \u2014 \u043f\u043e\u043b\u043d\u043e\u0435 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 2025 \u0433\u043e\u0434\u0443 - DockerHosting.ru","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/","og_locale":"ru_RU","og_type":"article","og_title":"Trivy \u2014 \u043f\u043e\u043b\u043d\u043e\u0435 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 2025 \u0433\u043e\u0434\u0443","og_description":"Trivy&nbsp;\u2014 \u044d\u0442\u043e \u043c\u043e\u0449\u043d\u044b\u0439 open-source \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043e\u0442 Aqua Security, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u043a\u0443\u043d\u0434 \u043d\u0430\u0445\u043e\u0434\u0438\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Docker-\u043e\u0431\u0440\u0430\u0437\u0430\u0445, \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u0430\u0445 \u0438 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 \u043a\u043e\u0434\u0430. 
\u0412 \u044d\u0442\u043e\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u043c \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u0435 \u0440\u0430\u0437\u0431\u0435\u0440\u0451\u043c, \u043f\u043e\u0447\u0435\u043c\u0443 Trivy \u0441\u0442\u0430\u043b \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043e\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432, \u043a\u0430\u043a \u0435\u0433\u043e \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c, \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0438 \u0432\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0432 \u0432\u0430\u0448 CI\/CD pipeline. \u0427\u0442\u043e \u0442\u0430\u043a\u043e\u0435 Trivy \u0438 \u0437\u0430\u0447\u0435\u043c \u043e\u043d \u043d\u0443\u0436\u0435\u043d Trivy&nbsp;(\u043e\u0442 \u0430\u043d\u0433\u043b. 
&#171;trivial&#187; \u2014&hellip;&nbsp;\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435 &raquo;Trivy \u2014 \u043f\u043e\u043b\u043d\u043e\u0435 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 2025 \u0433\u043e\u0434\u0443","og_url":"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/","og_site_name":"DockerHosting.ru","article_published_time":"2025-12-05T05:05:32+00:00","article_modified_time":"2025-12-05T05:05:35+00:00","author":"\u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440","twitter_card":"summary_large_image","twitter_misc":{"\u041d\u0430\u043f\u0438\u0441\u0430\u043d\u043e \u0430\u0432\u0442\u043e\u0440\u043e\u043c":"\u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440","\u041f\u0440\u0438\u043c\u0435\u0440\u043d\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f":"6 \u043c\u0438\u043d\u0443\u0442"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#article","isPartOf":{"@id":"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/"},"author":{"name":"\u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440","@id":"https:\/\/dockerhosting.ru\/blog\/#\/schema\/person\/065a7b9ff0b6c2ae566eb818352031b4"},"headline":"Trivy \u2014 \u043f\u043e\u043b\u043d\u043e\u0435 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 
Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 2025 \u0433\u043e\u0434\u0443","datePublished":"2025-12-05T05:05:32+00:00","dateModified":"2025-12-05T05:05:35+00:00","mainEntityOfPage":{"@id":"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/"},"wordCount":1080,"commentCount":0,"publisher":{"@id":"https:\/\/dockerhosting.ru\/blog\/#organization"},"inLanguage":"ru-RU","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/","url":"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/","name":"Trivy \u2014 \u043f\u043e\u043b\u043d\u043e\u0435 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 2025 \u0433\u043e\u0434\u0443 - 
DockerHosting.ru","isPartOf":{"@id":"https:\/\/dockerhosting.ru\/blog\/#website"},"datePublished":"2025-12-05T05:05:32+00:00","dateModified":"2025-12-05T05:05:35+00:00","breadcrumb":{"@id":"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#breadcrumb"},"inLanguage":"ru-RU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/dockerhosting.ru\/blog\/trivy-polnoe-rukovodstvo-po-skanirovaniyu-uyazvimostej-docker-obrazov-v-2025-godu\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u0413\u043b\u0430\u0432\u043d\u0430\u044f \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0430","item":"https:\/\/dockerhosting.ru\/blog\/"},{"@type":"ListItem","position":2,"name":"Trivy \u2014 \u043f\u043e\u043b\u043d\u043e\u0435 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Docker-\u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0432 2025 \u0433\u043e\u0434\u0443"}]},{"@type":"WebSite","@id":"https:\/\/dockerhosting.ru\/blog\/#website","url":"https:\/\/dockerhosting.ru\/blog\/","name":"\u0411\u043b\u043e\u0433 DockerHosting.ru","description":"\u0411\u043b\u043e\u0433 \u0445\u043e\u0441\u0442\u0438\u043d\u0433-\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b 
DockerHosting.ru","publisher":{"@id":"https:\/\/dockerhosting.ru\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/dockerhosting.ru\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ru-RU"},{"@type":"Organization","@id":"https:\/\/dockerhosting.ru\/blog\/#organization","name":"DockerHosting.ru","url":"https:\/\/dockerhosting.ru\/blog\/","logo":{"@type":"ImageObject","inLanguage":"ru-RU","@id":"https:\/\/dockerhosting.ru\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/dockerhosting.ru\/blog\/wp-content\/uploads\/2024\/11\/cropped-dockerhosting_cl.png","contentUrl":"https:\/\/dockerhosting.ru\/blog\/wp-content\/uploads\/2024\/11\/cropped-dockerhosting_cl.png","width":200,"height":36,"caption":"DockerHosting.ru"},"image":{"@id":"https:\/\/dockerhosting.ru\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/dockerhosting.ru\/blog\/#\/schema\/person\/065a7b9ff0b6c2ae566eb818352031b4","name":"\u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440","image":{"@type":"ImageObject","inLanguage":"ru-RU","@id":"https:\/\/dockerhosting.ru\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/2691b71be8ab410fdd0c9e486970ee8d7ed141139a26f7753ca3ddf5a369bae0?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2691b71be8ab410fdd0c9e486970ee8d7ed141139a26f7753ca3ddf5a369bae0?s=96&d=mm&r=g","caption":"\u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440"},"sameAs":["https:\/\/dockerhosting.ru\/blog"],"url":"https:\/\/dockerhosting.ru\/blog\/author\/aleks\/"}]}},"_links":{"self":[{"href":"https:\/\/dockerhosting.ru\/blog\/wp-json\/wp\/v2\/posts\/3693","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dockerhosting.ru\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dockerhosting.ru\/blog\/wp-json\/wp\/v2\/types\/post"}
],"author":[{"embeddable":true,"href":"https:\/\/dockerhosting.ru\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dockerhosting.ru\/blog\/wp-json\/wp\/v2\/comments?post=3693"}],"version-history":[{"count":2,"href":"https:\/\/dockerhosting.ru\/blog\/wp-json\/wp\/v2\/posts\/3693\/revisions"}],"predecessor-version":[{"id":3695,"href":"https:\/\/dockerhosting.ru\/blog\/wp-json\/wp\/v2\/posts\/3693\/revisions\/3695"}],"wp:attachment":[{"href":"https:\/\/dockerhosting.ru\/blog\/wp-json\/wp\/v2\/media?parent=3693"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dockerhosting.ru\/blog\/wp-json\/wp\/v2\/categories?post=3693"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dockerhosting.ru\/blog\/wp-json\/wp\/v2\/tags?post=3693"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}