04-03-2020 12:51 AM - last edited on 02-07-2022 03:23 PM by jforsythe
Based upon the vulnerabilities reported by Compute in my Lambda function, I updated the urllib3 library in my Python3.7 function to the latest version (1.25.8), but rescanning my function still shows the old library (1.25.7). Does anyone know how I can resolve this? the function should now no longer show any vulnerabilities for urllib3, and should definitely no longer in it's inventory state it uses urllib3 v1.25.7...
04-28-2020 11:11 AM
Hi Johan,
Please review the following hyperlink for directions pertaining to performing a manual scan of your function using twistcli. In my experience this will update your results as expected in the console.
"You can also use the twistcli command line utility to scan your serverless functions. First download your serverless function as a ZIP file, then run: Scan reports can viewed in Prisma Cloud Console, but only when you pass the --ci and the --publish flag to twistcli.
These flags are designed to minimize clutter in the Console UI, since many people might be using`twistcli` for scanning, but everyone will need to share it with the larger team in Console. To view scan reports in Console, go to Monitor > Vulnerabilities > Functions > CI or Monitor > Compliance > Functions > CI.
$ twistcli serverless scan <SERVERLESS_FUNCTION.ZIP>"
Thanks
Patrick
04-28-2020 11:11 AM
Hi Johan,
Please review the following hyperlink for directions pertaining to performing a manual scan of your function using twistcli. In my experience this will update your results as expected in the console.
"You can also use the twistcli command line utility to scan your serverless functions. First download your serverless function as a ZIP file, then run: Scan reports can viewed in Prisma Cloud Console, but only when you pass the --ci and the --publish flag to twistcli.
These flags are designed to minimize clutter in the Console UI, since many people might be using`twistcli` for scanning, but everyone will need to share it with the larger team in Console. To view scan reports in Console, go to Monitor > Vulnerabilities > Functions > CI or Monitor > Compliance > Functions > CI.
$ twistcli serverless scan <SERVERLESS_FUNCTION.ZIP>"
Thanks
Patrick
04-29-2020 04:24 AM
Thanks for the suggestion, though I am still wondering why a "scan now" button doesn't automatically update the results...
04-29-2020 10:06 AM - edited 04-29-2020 12:44 PM
Hi Johan,
Have you recently upgraded? Any changes to note? As explained to me, twistcli scans are different from what takes place when the "scan now" button is used. Specifically, I've seen this before, after an upgrade. Glad to be of assistance.
Patrick
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
