Home BlogA small step in the large open-source: CVSS integration in Trivy
Blog

A small step in the large open-source: CVSS integration in Trivy

by Denis Makrushin
13 views

At the heart of our AppSec platform is an open-source project called Trivy. It’s a software composition analysis tool that helps developers to detect issues in dependencies used in their code.

This time, we are not only integrating, but also contributing: in Trivy 0.65.0 release, our developer, Stepan Dolgintsev, added the CVSS vector support. This means that CVSS itself will soon appear on our Supply Chain page, enabling developers and AppSec engineers to triage vulnerabilities more accurately.

The Trivy team has acknowledged this contribution. Congratulations to Stepan on taking his first steps in the world of large open-source projects! Thanks also to Andrey Kuleshov for idea to propose the update to project maintainers.

Leave a Comment

Save my name, email, and website in this browser for the next time I comment.

Denis Makrushin

Denis is chief technology officer of cybersecurity product line at telecommunications company. He is responsible for product development, defining technology strategy and driving future technical innovation.

You may also like

Bot that collects security research and insights

Secret Ingredients for Secure Development: Achieving Fast and...

Секретные ингредиенты безопасной разработки: исследуем способы точного и...

Спринт от идеи к курсу по безопасности приложений

Sprint from idea to Application Security course

Graduation: key learning insights from my MBA journey

Выпускной: ключевые инсайты обучения на программе MBA

The future of secure development: the first FinDevSecOps...

CTO Day: Dubai Chapter

Code-to-Cloud: платформенный подход к обеспечению безопасности приложений