Tagged articles
12 articles
Black & White Path
Mar 29, 2026 · Information Security

How Hackers Leveraged AI to Compromise Trivy and LiteLLM – A Supply‑Chain Attack Case Study

An obscure hacker group, TeamPCP, used an AI agent powered by Anthropic’s Claude to trick the open‑source security scanner Trivy into revealing its GitHub credentials, then injected malicious code into Trivy’s updates and subsequently compromised the AI gateway LiteLLM, exposing critical supply‑chain vulnerabilities in popular AI development tools.

AI security · Claude · LiteLLM
0 likes · 5 min read
Raymond Ops
Mar 26, 2026 · Cloud Native

How to Shrink Docker Images by 70% and Harden Them with Trivy

This guide explains how to dramatically shrink Docker image sizes by up to 70% using multi‑stage builds, Alpine or Distroless bases, layer merging, .dockerignore, and BuildKit, while also integrating Trivy security scanning, non‑root users, SUID removal, and CI/CD automation to ensure a lean, secure container deployment.

Alpine · Docker · Trivy
0 likes · 29 min read
MaGe Linux Operations
Jan 24, 2025 · Information Security

How to Secure Docker Images with Trivy: Step-by-Step Guide

This guide explains how to set up Docker on Ubuntu 18.04, install and configure the Trivy vulnerability scanner, and use it to analyze container images such as Redis, BusyBox, and Nginx, covering database updates, output formats, and practical command examples.

CVE · Container Security · Docker
0 likes · 9 min read
Linux Ops Smart Journey
Aug 27, 2024 · Information Security

Secure Your Container Images: Integrate Trivy Scanning into Harbor

This guide explains how to secure container images by integrating the Trivy vulnerability scanner into the Harbor registry, covering Helm configuration, offline database setup, automated updates via cron, verification steps, and useful references for a robust cloud‑native security workflow.

Container Security · Kubernetes · Trivy
0 likes · 7 min read
Linux Ops Smart Journey
Aug 26, 2024 · Information Security

How to Secure Container Images: Integrating Trivy with Harbor for Seamless Vulnerability Scanning

This guide explains why container image security matters, details the Trivy toolchain, shows step‑by‑step how to install Trivy, scan images, obtain offline vulnerability and Java index databases, and verify scans, preparing you to integrate Trivy with Harbor for a safer CI/CD pipeline.

Cloud Native · Trivy · offline database
0 likes · 11 min read
DevOps Operations Practice
Oct 8, 2023 · Information Security

Essential DevSecOps Tools for Securing CI/CD Pipelines

This article introduces five open‑source DevSecOps tools—Trivy, Gerrit, OWASP Dependency‑Check, Arachni, and Falco—that help integrate automated security checks into CI/CD pipelines, improve vulnerability detection, and ensure compliance throughout the software delivery process.

Arachni · DevSecOps · Falco
0 likes · 5 min read
DevOps Cloud Academy
Jun 30, 2022 · Information Security

Integrating Trivy Image Security Scanning into GitLab CI/CD Pipelines

This tutorial demonstrates how to set up automated Docker image vulnerability scanning with Trivy, embed the scan into GitLab CI/CD pipelines, handle severity thresholds, schedule recurring scans, and remediate findings by adjusting the Dockerfile, providing a practical DevOps security workflow.

CVE scanning · Container Security · DevOps
0 likes · 10 min read
DevOps Cloud Academy
Mar 14, 2022 · Information Security

Integrating Trivy Vulnerability Scanner with GitLab CI/CD Pipelines

This article explains what Trivy is, how to install and use it for container vulnerability scanning, demonstrates saving results in JSON, and provides a step‑by‑step guide to integrating Trivy into a GitLab CI/CD pipeline with example configuration and troubleshooting tips.

Container Security · Docker · GitLab CI
0 likes · 7 min read
DevOps Cloud Academy
Nov 16, 2020 · Information Security

Integrating Trivy Image Security Scanning into GitLab CI/CD Pipelines

This tutorial demonstrates how to integrate Trivy image security scanning into a GitLab CI/CD pipeline, covering tool selection, Dockerfile creation, pipeline configuration, scheduled scans, handling vulnerability reports, and strategies for failing builds based on severity levels.

DevOps · GitLab CI · Image Security
0 likes · 15 min read