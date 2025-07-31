BOSTON and TEL AVIV, Israel, July 31, 2025 (GLOBE NEWSWIRE) -- Aqua Security, the pioneer in cloud native security and primary maintainer of Trivy, today announced that Root has joined the Trivy Partner Connect program. Root brings its unique AI-generated, agentic vulnerability remediation platform to Trivy’s global community, delivering fixes directly into a workflow developers already trust.

As the newest partner in the program, Root joins a growing list of companies collaborating to advance Trivy, the world’s most popular open source vulnerability scanner. Collaborations such as that between Trivy and Root help ensure the long-term sustainability of the open source project. The partnership also introduces Root’s AI-powered patching technology to Trivy users, enabling fast, reliable remediation without the need to change base OS or dependencies.

“Root’s participation in Partner Connect brings their agentic AI remediation approach to the mainstream and validates the community’s confidence in automated fixes,” said Itay Shakury, VP of Open Source at Aqua Security. “Together, we’re making it easier for developers to stay secure while continuing to rely on open source. This is exactly the type of partnership that fuels sustainable open source innovation.”

Enabling Seamless, Scalable Remediation

Root’s SaaS platform automates vulnerability remediation within development workflows, aligning with Trivy’s mission of empowering teams with efficient, developer-friendly security tools. Root’s deterministic, context-aware patches address vulnerabilities flagged by Trivy without breaking functionality or productivity.

Through the integration, Trivy can now validate and recognize Root’s patches, streamlining the path from detection to remediation and helping enterprises manage risk at scale.

"Partnering with Trivy underscores our shared commitment to enabling and securing open-source innovation,” said Ian Riopel, CEO of Root. “Our mission at Root is to fix all of open source by deploying agentic AI-curated patches that eliminate the complexity, manual triage, and disruption traditionally associated with security-driven upgrades. This collaboration enables developers to confidently secure their applications while maintaining speed, control, and open-source integrity.”

A Natural Fit: Root’s Open Source DNA

Root’s deep roots in open source, including the widely adopted Slim Toolkit (with over 21,000 GitHub stars) make it a natural fit for Trivy’s open, community-driven model. The partnership reflects a broader shift toward commercial vendors contributing to open source, not just consuming it.

“Companies like Root are showing how open source and commercial innovation can work together,” added Shakury. “They’re building sustainable businesses while giving back to the projects that power their success.”

Growing the Trivy Ecosystem

Trivy Partner Connect enables companies to integrate with and contribute to Trivy in a structured, community-aligned way. The program features three partner tiers, Certified, Core, and Advisor, to support a range of collaboration models. Root joins previously announced program members, with additional partners to be announced soon.

With over 27,000 GitHub stars and more than 100 million annual downloads, Trivy is relied on by developers, DevOps, and security teams around the world. Partner Connect ensures its continued growth and relevance while helping partners like Root surface their value to a broad, engaged user base.

Learn More

Organizations can explore Root’s Trivy-integrated remediation at https://trivy.dev/latest/partners/ or www.root.io . Vendors interested in joining the program can contact Aqua Security for more information.

About Root

Root delivers the industry’s first agentic AI vulnerability remediation platform, enabling “Open Source That Fixes Itself.” Root creates deterministic, secure patches that maintain application functionality, helping organizations remediate vulnerabilities at scale. Root is an OWASP Platinum Corporate Supporter. Learn more at www.root.io .

About Aqua Trivy

Trivy is the most popular open source scanner for containers, IaC, code, cloud, and Kubernetes, detecting vulnerabilities, misconfigurations, and secrets. Trusted by millions worldwide, Trivy is maintained by Aqua Security. Learn more at trivy.dev .

About Aqua Security

Aqua Security secures every cloud native application from code to cloud to prompt. As the pioneer in container and AI workload security, Aqua delivers full lifecycle protection through its unified CNAPP. Aqua protects more than 40% of the Fortune 100. Learn more at aquasec.com .

