From d7063efc9b11933e0575ea1e9f5d17cd14f2b541 Mon Sep 17 00:00:00 2001
From: Anais Urlichs <33576047+AnaisUrlichs@users.noreply.github.com>
Date: Thu, 31 Aug 2023 16:25:11 +0100
Subject: [PATCH] docs: README tfsec to trivy migration callout (#2020)

* README tfsec to trivy migration callout

* fix: minor change to readme

Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>

* fix: minor change to readme

Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>

* updating README based on changes in the docs

Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>

---------

Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
---
 README.md | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index cae5f7ee27..8fa2cd0b4e 100644
--- a/README.md
+++ b/README.md
@@ -10,9 +10,27 @@
 [![AUR version](https://img.shields.io/aur/version/tfsec-bin)](https://aur.archlinux.org/packages/tfsec-bin)
 [![VScode Extension](https://img.shields.io/visual-studio-marketplace/v/tfsec.tfsec?label=vscode)](https://marketplace.visualstudio.com/items?itemName=tfsec.tfsec)
 
+## 📣 tfsec to Trivy Migration
+
+As part of our goal to provide a comprehensive open source security solution for all, we have been consolidating all of our scanning-related efforts in one place, and that is [Trivy](https://github.com/aquasecurity/trivy). 
+
+Over the past year, tfsec has laid the foundations to Trivy's IaC & misconfigurations scanning capabilities, including Terraform scanning, which has been natively supported in Trivy for a long time now.
+
+Going forward we want to encourage the tfsec community to transition over to Trivy. Moving to Trivy gives you the same excellent Terraform scanning engine, with some extra benefits:
+
+1. Access to more languages and features in the same tool.
+2. Access to more integrations with tools and services through the rich ecosystem around Trivy.
+3. Commercially supported by Aqua as well as by a the passionate Trivy community.
+tfsec will continue to remain available for the time being, although our engineering attention will be directed at Trivy going forward.
+
+## tfsec to Trivy migration guide
+
+For further information on how Trivy compares to tfsec and moving from tfsec to Trivy, do have a look at the [migration guide.](https://github.com/aquasecurity/tfsec/blob/master/tfsec-to-trivy-migration-guide.md)
+
+## Overview
 tfsec uses static analysis of your terraform code to spot potential misconfigurations.
 
-## Features
+### Features
 
 - :cloud: Checks for misconfigurations across all major (and some minor) cloud providers
 - :no_entry: Hundreds of built-in rules