Aqua Security, a pioneer in cloud native security and the primary maintainer of Aqua Trivy, is launching the Trivy Partner Connect Program, expanding the commercial ecosystem around Trivy, an open source vulnerability and misconfiguration scanner.
The first two partners to join the program are Echo and Minimus, both delivering secure-by-design image solutions that align with Trivy’s mission of empowering developers and security teams through open, trusted tools.
According to Aqua Security, Trivy Partner Connect offers a structured framework for commercial vendors to build, integrate, and collaborate with Trivy, bringing new capabilities to the Trivy user base while fostering sustainable open source development.
"Trivy Partner Connect represents our commitment to the millions of developers and security teams who rely on Trivy around the world every day," said Itay Shakury, VP of open source at Aqua Security. “For our global community of users, this program ensures continued investment in reliability and cutting-edge capabilities they’ve come to expect from the world’s most popular security scanner. For our partners, Partner Connect provides a path to influence the roadmap, access priority support, and reach Trivy's massive global user base. Together, we're not just building an open source tool, we’re building a more secure future.”
Trivy Partner Connect brings new value to this community by expanding support for platforms, artifacts, and integrations without changing how users interact with the tool.
For enterprise users, this means:
- Broader security coverage with new partner-contributed content and integrations.
- Faster innovation driven by collaborative engineering between Aqua and partners.
- No disruption to current workflows, Trivy remains fully open and free to use.
- Increased long-term value as commercial contributions strengthen the open source core.
“Echo is built for enterprise teams ready to tackle the underlying cause of vulnerability management, rather than simply treating its symptoms. Through AI agents, we deliver CVE-free images that are built clean and kept clean,” said Eilon Elhadad, CEO and co-founder. “Joining Trivy Partner Connect allows us to amplify our impact, reach security-conscious users globally through the tool they already use, and enable engineers to focus on revenue-driving development rather than trying to fix vulnerabilities in code they didn’t even write.”
Trivy Partner Connect supports OEM partners and ecosystem partners alike. OEM partners embed Trivy within their products, while e systems partners build complementary solutions that integrate or enhance Trivy capabilities, the vendor said.
Trivy Partner Connect includes three tiers:
- Certified – For partners who integrate with Trivy and meet trademark and marketing alignment standards.
- Core – For partners requiring deeper engineering collaboration, roadmap access, and product knowledge.
- Advisor – For contributors who provide vulnerability data or enrichment services to support broader coverage.
Trivy Partner Connect is open now and organizations interested in joining can learn more and apply at Trivy Partner Connect.
For more information about this news, visit www.aquasec.com.