Alerts for Prisma Cloud compute scans going from good to bad

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Alerts for Prisma Cloud compute scans going from good to bad

L0 Member

Right now, my team has scans for our images set up as part of our CI/CD pipelines, and the scans are compared against our prefered policies.  What we're looking for now though is the ability to know when an image, which previously passed the scan, contains a newly discovered vulnerability.  In other words:

1) We deploy an image via our CI/CD pipelines.  The scan finds no vulnerabilities that violate our policy.

2) After that date, a new vulnerability is found, which didn't show up in the CI/CD scan since it wasn't known at the time.

3) We get notified that a previously deployed image, which had passed the scan before, is now failing our vulnerability policy.

Is there any way to do this without just re-scanning previously deployed images? We looked at the registry alerts, but that seems like it would produce alerts every day that a particular image is failing the scan (we don't want repeat alerts for the same image/vulnerability).

1 REPLY 1

L1 Bithead

Good Day EGould-Marian,

 

If you are using registry scanning or deployed image scanning both will trigger alert based on scanning timeline.    You can disabled the alerts and use a script to pull  data from API that you can use to determine which images you would like to alert on or take action.

 

Thank You,

James McGrath

 

 

 

 

 

PREVIEW
 
  • 702 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!