A penetration tester is getting ready to conduct a vulnerability scan to evaluate an environment that consists of a container orchestration cluster. Which of the following tools would be best to use for this purpose?
Trivy is a specialized open-source vulnerability scanner designed for containers and container orchestration environments. It scans container images, file systems, and Git repositories for vulnerabilities and misconfigurations.
According to the CompTIA PenTest+ PT0-003 Study Guide, in discussions about tool selection for containerized environments:
“Trivy is optimized for scanning Docker images and Kubernetes clusters, offering fast and reliable vulnerability detection.”
[Reference: CompTIA PenTest+ PT0-003 Official Study Guide, Chapter 4, ===========, ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit