topic Re: prismaCloudScanImage doesn't find vulnerabilities that are otherwise discovered with runtime radars in Prisma Cloud Discussions

prismaCloudScanImage doesn't find vulnerabilities that are otherwise discovered with runtime radars

enkido — Wed, 29 Sep 2021 13:52:09 GMT

We have setup twistlock / prisma cloud to scan our images for vulnerabilities and compliance. While given the same rules, the runtime defence radars discover 2 vulnerabilities and 2 compliance violations in a particular image, when I run a scan with prismaCloudScanImage jenkinsplugin, it only reports the 2 compliance issues, but not the vulnerabilities!

Does anyone know what could be the issue?

Re: prismaCloudScanImage doesn't find vulnerabilities that are otherwise discovered with runtime radars

enkido — Fri, 08 Oct 2021 07:03:31 GMT

to be a bit more precise:

The same image scanned in the runtime radar, will report vulnerabilities found in packages used by our packages, while the jenkins initiated scan only finds vulnerabilities in direct dependencies, for examples packages directly specified in the package.json, but not their dependencies. Isn't there any way to get all dependencies transitively/recursively scanned?

Re: prismaCloudScanImage doesn't find vulnerabilities that are otherwise discovered with runtime radars

AKing9 — Thu, 11 Aug 2022 17:46:51 GMT

Greetings Enkido,

I hope that this note finds you well! I know that it has been a while since you had posted this question but I wanted to see if you still potentially needed any help. Thank you for your time and I hope that you have a good remainder of your day.

Kind Regards,

J. Avery King