topic Container scanning(Basic question) in Advanced Threat Prevention Discussions https://live.paloaltonetworks.com/t5/advanced-threat-prevention/container-scanning-basic-question/m-p/418052#M1220 <P>Hi,</P><P>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;Ours is a digital bank. We are in the process of picking a tool to scan the docker images in the AWS code pipeline. While we were scanning using the default ECR scan process we noticed&nbsp;CVE-2021-33574, CVE-2019-25013, CVE-2021-3520. These are related to C libraries which we have nothing to do with.</P><P>So we need to pick tools like Twistlock to guide us. Even though we know the severity levels we just don't understand what these 3 vulnerabilities are about. Generally they seem to be about DOS attacks but we want a more friendly set of messages and proper guidance. We also don't know what will fix these as it is a default OS layer that AWS provides.</P><P>&nbsp;</P><P>Will&nbsp;Twistlock&nbsp; help ? Which technical paper or site gives us a set of usage instructions ?&nbsp;</P><P>&nbsp;</P><P>Thanks.</P> Fri, 09 Jul 2021 09:22:06 GMT spatial 2021-07-09T09:22:06Z Container scanning(Basic question) https://live.paloaltonetworks.com/t5/advanced-threat-prevention/container-scanning-basic-question/m-p/418052#M1220 <P>Hi,</P><P>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;Ours is a digital bank. We are in the process of picking a tool to scan the docker images in the AWS code pipeline. While we were scanning using the default ECR scan process we noticed&nbsp;CVE-2021-33574, CVE-2019-25013, CVE-2021-3520. These are related to C libraries which we have nothing to do with.</P><P>So we need to pick tools like Twistlock to guide us. Even though we know the severity levels we just don't understand what these 3 vulnerabilities are about. Generally they seem to be about DOS attacks but we want a more friendly set of messages and proper guidance. We also don't know what will fix these as it is a default OS layer that AWS provides.</P><P>&nbsp;</P><P>Will&nbsp;Twistlock&nbsp; help ? Which technical paper or site gives us a set of usage instructions ?&nbsp;</P><P>&nbsp;</P><P>Thanks.</P> Fri, 09 Jul 2021 09:22:06 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/container-scanning-basic-question/m-p/418052#M1220 spatial 2021-07-09T09:22:06Z Re: Container scanning(Basic question) https://live.paloaltonetworks.com/t5/advanced-threat-prevention/container-scanning-basic-question/m-p/422046#M1252 <P>Is this a reply from a bot ? It looks like a stock reply.</P><P>&nbsp;</P><P>Thanks.</P> Mon, 26 Jul 2021 13:04:13 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/container-scanning-basic-question/m-p/422046#M1252 spatial 2021-07-26T13:04:13Z