Skip to content

Commit

Permalink
docs: update ecosystem page reporting with db app (#6201)
Browse files Browse the repository at this point in the history
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
  • Loading branch information
AnaisUrlichs authored Feb 27, 2024
1 parent dc76c6e commit eb54bb5
Showing 1 changed file with 14 additions and 8 deletions.
22 changes: 14 additions & 8 deletions docs/ecosystem/reporting.md
Original file line number Diff line number Diff line change
@@ -1,26 +1,32 @@
# Reporting

## SonarQube (Community)
A Trivy plugin that converts JSON report to SonarQube [generic issues format](https://docs.sonarqube.org/9.6/analyzing-source-code/importing-external-issues/generic-issue-import-format/).

👉 Get it at: <https://github.com/umax/trivy-plugin-sonarqube>

## DefectDojo (Community)
DefectDojo can parse Trivy JSON reports. The parser supports deduplication and auto-close features.

👉 Get it at: <https://github.com/DefectDojo/django-DefectDojo>

## SecObserve (Community)
SecObserve can parse Trivy results as CycloneDX reports and provides an unified overview of vulnerabilities from different sources. Vulnerabilities can be evaluated with manual and rule based assessments.

👉 Get it at: <https://github.com/MaibornWolff/SecObserve>

## Scan2html (Community)
A Trivy plugin that scans and outputs the results to an interactive html file.

👉 Get it at: <https://github.com/fatihtokus/scan2html>

## SonarQube (Community)
A Trivy plugin that converts JSON report to SonarQube [generic issues format](https://docs.sonarqube.org/9.6/analyzing-source-code/importing-external-issues/generic-issue-import-format/).

👉 Get it at: <https://github.com/umax/trivy-plugin-sonarqube>

## Trivy-Streamlit (Community)
Trivy-Streamlit is a Streamlit application that allows you to quickly parse the results from a Trivy JSON report.

👉 Get it at: <https://github.com/mfreeman451/trivy-streamlit>

## SecObserve (Community)
SecObserve can parse Trivy results as CycloneDX reports and provides an unified overview of vulnerabilities from different sources. Vulnerabilities can be evaluated with manual and rule based assessments.
## Trivy-Vulnerability-Explorer (Community)

👉 Get it at: <https://github.com/MaibornWolff/SecObserve>
This project is a web application that allows to load a Trivy report in json format and displays the vulnerabilities of a single target in an interactive data table.

👉 Get it at: <https://github.com/dbsystel/trivy-vulnerability-explorer>

0 comments on commit eb54bb5

Please sign in to comment.