Скачать или смотреть Trivy EP05 |Trivy Flags Explained | Full Guide with Commands & Real Output

#theshubhamgour

Trivy is easy to use — but knowing which flags to use, what to filter, and when to fail your CI/CD pipeline is where real DevSecOps skills begin.

In this video, we explain the 3 most important Trivy flags that every beginner must understand:
--severity, --vuln-type, and --exit-code.

You’ll learn how to filter important vulnerabilities, scan OS vs library packages, and enforce security in CI/CD pipelines using real examples and sample output.

Perfect for DevOps, DevSecOps, Cloud, and SRE beginners who want to control Trivy like a pro.

🔍 Topics Covered
1. --severity (Filter by Important Issues)
Learn how to show only HIGH and CRITICAL vulnerabilities:
trivy image --severity HIGH,CRITICAL python:3.10

2. --vuln-type (OS vs Library Vulnerabilities)
Scan only OS vulnerabilities:
trivy image --vuln-type os python:3.10

Scan only library vulnerabilities:
trivy image --vuln-type library python:3.10


3. --exit-code (Fail CI/CD on Vulnerabilities)
Fail a build if HIGH/CRITICAL issues exist:
trivy image --severity HIGH,CRITICAL --exit-code 1 python:3.10

Why this matters:
✓ Blocks risky deployments
✓ Enforces DevSecOps culture
✓ Makes CI/CD pipelines secure by default

🧩 Summary
--severity → filter important vulnerabilities
--vuln-type → choose OS vs library issues
--exit-code → fail pipelines on serious risks

🎥 Watch all trivy episodes here :    • Trivy Security Scanner Complete Course | D...  

🎥 Watch all Jenkins episodes here:    • Learn Jenkins Step by Step  


For all updates:
Let's Connect on LinkedIn:   / theshubhamgour  
Follow me instagram:   / theshubhamgour  
Follow me Twitter:   / theshubhamgour