compute vulnerability results not updating

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

compute vulnerability results not updating

L3 Networker

Based upon the vulnerabilities reported by Compute in my Lambda function, I updated the urllib3 library in my Python3.7 function to the latest version (1.25.8), but rescanning my function still shows the old library (1.25.7). Does anyone know how I can resolve this? the function should now no longer show any vulnerabilities for urllib3, and should definitely no longer in it's inventory state it uses urllib3 v1.25.7... 

1 accepted solution

Accepted Solutions

L2 Linker

Hi Johan,

 

Please review the following hyperlink for directions pertaining to performing a manual scan of your function using twistcli. In my experience this will update your results as expected in the console.

 

"You can also use the twistcli command line utility to scan your serverless functions. First download your serverless function as a ZIP file, then run: Scan reports can viewed in Prisma Cloud Console, but only when you pass the --ci and the --publish flag to twistcli.
These flags are designed to minimize clutter in the Console UI, since many people might be using`twistcli` for scanning, but everyone will need to share it with the larger team in Console. To view scan reports in Console, go to Monitor > Vulnerabilities > Functions > CI or Monitor > Compliance > Functions > CI.
$ twistcli serverless scan <SERVERLESS_FUNCTION.ZIP>"

 

https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/vulnerability_manag...

 

Thanks 

Patrick

Respectfully,
Patrick

View solution in original post

3 REPLIES 3

L2 Linker

Hi Johan,

 

Please review the following hyperlink for directions pertaining to performing a manual scan of your function using twistcli. In my experience this will update your results as expected in the console.

 

"You can also use the twistcli command line utility to scan your serverless functions. First download your serverless function as a ZIP file, then run: Scan reports can viewed in Prisma Cloud Console, but only when you pass the --ci and the --publish flag to twistcli.
These flags are designed to minimize clutter in the Console UI, since many people might be using`twistcli` for scanning, but everyone will need to share it with the larger team in Console. To view scan reports in Console, go to Monitor > Vulnerabilities > Functions > CI or Monitor > Compliance > Functions > CI.
$ twistcli serverless scan <SERVERLESS_FUNCTION.ZIP>"

 

https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/vulnerability_manag...

 

Thanks 

Patrick

Respectfully,
Patrick

Thanks for the suggestion, though I am still wondering why a "scan now" button doesn't automatically update the results...

Hi Johan,

 

Have you recently upgraded? Any changes to note? As explained to me, twistcli scans are different from what takes place when the "scan now" button is used. Specifically, I've seen this before, after an upgrade. Glad to be of assistance.

 

Patrick

Respectfully,
Patrick
  • 1 accepted solution
  • 6644 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!