To be a bit more precise: the same image scanned in the runtime radar will report vulnerabilities found in packages used by our packages, while the Jenkins-initiated scan only finds vulnerabilities in direct dependencies, for example packages directly specified in the package.json, but not their dependencies. Isn't there any way to get all dependencies transitively/recursively scanned?
We have set up Twistlock / Prisma Cloud to scan our images for vulnerabilities and compliance. While, given the same rules, the runtime defence radars discover 2 vulnerabilities and 2 compliance violations in a particular image, when I run a scan with the prismaCloudScanImage Jenkins plugin, it only reports the 2 compliance issues, but not the vulnerabilities! Does anyone know what could be the issue?