07-02-2024 11:56 AM
Right now, my team has scans for our images set up as part of our CI/CD pipelines, and the scans are compared against our preferred policies. What we're looking for now though is the ability to know when an image, which previously passed the scan, contains a newly discovered vulnerability. In other words:
1) We deploy an image via our CI/CD pipelines. The scan finds no vulnerabilities that violate our policy.
2) After that date, a new vulnerability is found, which didn't show up in the CI/CD scan since it wasn't known at the time.
3) We get notified that a previously deployed image, which had passed the scan before, is now failing our vulnerability policy.
Is there any way to do this without just re-scanning previously deployed images? We looked at the registry alerts, but that seems like it would produce alerts every day that a particular image is failing the scan (we don't want repeat alerts for the same image/vulnerability).
07-16-2024 09:08 AM
Good Day EGould-Marian,
If you are using registry scanning or deployed image scanning, both will trigger alerts based on the scanning timeline. You can disable the alerts and use a script to pull data from the API that you can use to determine which images you would like to alert on or take action.
Thank You,
James McGrath
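The deduplication logic the reply suggests, as an added example that is not part of the original thread and not Palo Alto's own code: a scheduled script evaluates each pull of scan results against a severity policy, alerts only on (image, CVE) pairs it has not alerted on before, and persists that state between runs. The record shape of the scan results and the CVE ids are constructed placeholders for illustration, not the Prisma Cloud API schema; whatever the real API returns would be mapped into that shape before calling `run_cycle`.

```python
import json
from pathlib import Path

# Severity ordering used to evaluate the policy threshold.
SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}

# Constructed sample data: three successive pulls of scan results for deployed
# images. The record shape (image, cves) is an assumption for illustration,
# not the schema of the Prisma Cloud API; the CVE ids are placeholders.
DAY_1 = [
    {"image": "registry.example.com/app:1.4.2",
     "cves": [{"id": "CVE-EXAMPLE-0001", "severity": "medium"}]},
    {"image": "registry.example.com/web:2.0.0", "cves": []},
]
DAY_2 = [
    {"image": "registry.example.com/app:1.4.2",
     "cves": [{"id": "CVE-EXAMPLE-0001", "severity": "medium"},
              {"id": "CVE-EXAMPLE-0002", "severity": "high"}]},      # published after deploy
    {"image": "registry.example.com/web:2.0.0",
     "cves": [{"id": "CVE-EXAMPLE-0003", "severity": "critical"}]},  # published after deploy
]
DAY_3 = DAY_2  # nothing changed since the previous pull


def violations(scan_results, min_severity):
    """Return the set of (image, cve_id) pairs that fail the policy threshold."""
    floor = SEVERITY_RANK[min_severity]
    return {
        (rec["image"], cve["id"])
        for rec in scan_results
        for cve in rec["cves"]
        if SEVERITY_RANK[cve["severity"]] >= floor
    }


def run_cycle(scan_results, min_severity, state):
    """One scheduled run: return the violating pairs not alerted on before, plus
    the updated state.

    state is a dict {image: [cve_id, ...]} of pairs already alerted on. Pairs for
    images that are no longer deployed are dropped so the state does not grow
    without bound; pairs for still-deployed images are kept even if the finding
    disappears, so a transient scanner gap does not cause a repeat alert later.
    """
    deployed = {rec["image"] for rec in scan_results}
    seen = {(img, cve) for img, cves in state.items() if img in deployed for cve in cves}
    new = sorted(violations(scan_results, min_severity) - seen)
    new_state = {}
    for img, cve in sorted(seen | set(new)):
        new_state.setdefault(img, []).append(cve)
    return new, new_state


def load_state(path):
    """Read the alerted-pairs state written by a previous run (empty on first run)."""
    p = Path(path)
    return json.loads(p.read_text()) if p.exists() else {}


def save_state(path, state):
    """Persist the alerted-pairs state for the next scheduled run."""
    Path(path).write_text(json.dumps(state, indent=2, sort_keys=True))


def demo():
    """Replay the three constructed pulls and return the alerts raised on each."""
    state = {}
    per_day = []
    for scan in (DAY_1, DAY_2, DAY_3):
        alerts, state = run_cycle(scan, "high", state)
        per_day.append(alerts)
    return per_day


if __name__ == "__main__":
    for day, alerts in enumerate(demo(), start=1):
        print(f"day {day}: {len(alerts)} new alert(s)")
        for image, cve in alerts:
            print(f"  {image} now fails policy: {cve}")
```

Day 1 raises nothing (the only finding is below the policy threshold), day 2 raises one alert per image for the newly published findings, and day 3 raises nothing because both pairs are already in the state. In a real deployment, `load_state`/`save_state` wrap `run_cycle` in the scheduled job, and the alert list is forwarded to whatever notification channel the team uses.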