Trivy Private Registry Scan Checklist

Plan Trivy scans for GHCR, ECR, ACR, GCR, Docker Hub private repositories, and self-hosted registries with clear authentication steps.

Search intent answer

Users need to scan a private image and are blocked by registry authentication or image-source behavior.

Trivy Space keeps private registry troubleshooting close to the report workspace so teams can fix access and preserve evidence together.

When this matters

  • GHCR image scans fail even though the repository token exists.
  • CI can build an image but Trivy cannot pull it.
  • A private registry needs a repeatable scan handoff.

How the workflow works

  1. Choose the registry and scan context.
  2. Generate login, pull, image-source, and cache recommendations.
  3. Save the checklist as a paid team receipt for the release record.

Common risks

  • Registry credentials should be scoped and short-lived.
  • A scanner container may not see local Docker images without socket access.
  • Failed pulls can be misread as scanner failures.

Workspace preview

Turn this search into a usable report.

Start with pasted scan evidence, then unlock saved dashboards, team exports, and release receipts with a paid plan.

  • Gate: Review required
  • Evidence: HTML + JSON

FAQ

Frequently asked questions about an independent Trivy workflow product.

Is Trivy Space an official Trivy or Aqua Security product?

No. Trivy Space is an independent paid workspace for teams that already use Trivy workflows. It does not claim official affiliation, endorsement, certification, or sponsorship.

What can I paste into the analyzer?

You can paste Trivy JSON, SARIF excerpts, SBOM metadata, GitHub Actions workflow snippets, Operator report samples, or failure logs such as vulnerability DB download errors.

What unlocks after checkout?

Paid plans unlock team history, report exports, saved receipts, dashboard trends, webhook inboxes, and workflow evidence that can be attached to release reviews.