Stumbled on this when searching for an answer: https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/prisma-cloud-compute-function-scan-on-...
Seems like it hasn't been answered but the issue still happens, not sure if only for my environment, but seems like Prisma does not update the scan result after finishing the scan when the fix is applied on the updated packages. I view this under Monitor -> Images -> Registries/Deployed. Under the "Layer" tab, I only see the last command run to verify the vulnerability 7 days before the scan. Seems like it never picks up the scan whenever it runs. Developer even shows me the updated jar package, but in Prisma, it is still showing the older version. Anyone know the cause?
Once the vulnerability issues are fixed for an image and it is pushed to deployment, it is considered a new image. You might be looking at the old scan results for the old image. Since it is considered a new image, new scan results will be available.
However, if you want to know the scan results irrespective of Pass/Fail, please check in Compute -> Defend -> Compliance -> Add rule -> Reported results (scroll all the way down). This allows you to see the scan results for every scan executed.