Scan multi-architecture containers with Trivy on Azure Cobalt 100
Introduction
Learn Azure Cobalt 100 Arm64 and Use Trivy for Security Scanning
Create an Azure Cobalt 100 Arm64 virtual machine
Build and scan multi-architecture container images with Trivy
Next Steps

  Log an issue

  Fork and edit

  Discuss on Discord

About this Learning Path

Skill level:  Introductory
Reading time:  45 min
Last updated:  20 Feb 2026
Skill level:
  Introductory
Reading time:
  45 min
Last updated:
  20 Feb 2026
Author:Pareena Verma, Arm
Arm IP:Neoverse
Tags: Containers and Virtualization Microsoft Azure Linux Trivy Docker GitHub Actions YAML
Author:
  • Pareena Verma, Arm
Arm IP:
Neoverse
Tags:
Containers and Virtualization Microsoft Azure Linux Trivy Docker GitHub Actions YAML

Who is this for?

This is an introductory topic for developers and DevOps engineers who want to integrate security scanning into CI/CD pipelines for multi-architecture container images.

What will you learn?

Upon completion of this Learning Path, you will be able to:

  • Build and scan multi-architecture container images using Trivy on Azure Cobalt 100
  • Configure self-hosted GitHub Actions Arm runners for CI/CD pipelines
  • Enforce security gates in CI pipelines based on vulnerability severity

Prerequisites

Before starting, you will need the following:

  • A Microsoft Azure account with access to Cobalt 100 based instances (Dpsv6)
  • Docker installed and basic knowledge of containerization
  • Familiarity with CI/CD concepts
  • Basic knowledge of Linux command-line operations
  • Familiarity with GitHub Actions runners
Next