Image management
Published On Jul 23, 2024 - 9:35 AM

The DevOps Image management widget provides navigation through dropdowns for Releases, Services, and Severities.
The Image Management feature within Kyndryl's DevOps Intelligence suite gives you insight into the software images used across your organization's software development lifecycle. It provides the relevant data about these images to support your decision-making.
The Image Management feature is useful because it keeps track of the components that make up modern software, which is typically a blend of in-house source code and third-party libraries, especially open-source ones. Open-source libraries are convenient and significantly reduce time-to-market, so organizations depend on them more and more, but they can also introduce security vulnerabilities and license compliance issues. Monitoring them is therefore essential, and the Image Management feature helps you avoid such issues and keep your software assets secure.
At a macro level, the Image Management feature gathers key data about the images used in the software development lifecycle: the total count of unique images, the number of images with vulnerabilities, and the number of images not scanned in the last 150 days.
To view the Image management dashboard, you must:
  1. On the top left menu button, select DevOps Intelligence.
  2. Navigate to Build and expand the menu.
  3. Select Image management.
On this dashboard, you will see an Image management widget, a Top 5 applications with vulnerable images chart, and an Image details table.

Key Image vulnerability management metrics

The Image Management Metrics are split into four categories:
  • Overall unique images: The total count of unique images from the latest master images; even if a single technical service contains multiple images, it counts as one. The percentage of these images that are open-source is also displayed.
  • Images with vulnerabilities: The number and percentage of images with vulnerabilities. This metric also shows the increase or decrease in the vulnerable-image percentage over the last 30 days compared with the previous 30 days.
  • Images with multiple critical/high vulnerabilities: The total number of images with multiple critical or high vulnerabilities out of the total vulnerable images.
  • Images not scanned in the last 150 days: The number of images not scanned in the last 150 days.
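To make the four metric definitions above concrete, here is an added Python example (not the product's own code or API) that computes them over a constructed image inventory. The record fields, the reading of "unique" as one image per technical service, treating an image as vulnerable when it has any critical or high finding, and using the last-scanned date to split the two 30-day comparison windows are all assumptions.

```python
from datetime import date, timedelta
TODAY = date(2024, 7, 23)    # fixed reference date so results are deterministic
STALE_DAYS = 150             # the page's "not scanned in the last 150 days" threshold
WINDOW = timedelta(days=30)  # comparison window for the vulnerable-image trend
# Constructed sample inventory (assumed shape, not the product's own export):
# one record per image from the latest master images.
IMAGES = [
    {"image": "api-gateway:1.4", "service": "gateway", "open_source": False,
     "critical": 0, "high": 0, "last_scanned": date(2024, 7, 21)},
    {"image": "auth:2.0", "service": "auth", "open_source": True,
     "critical": 1, "high": 2, "last_scanned": date(2024, 7, 18)},
    {"image": "auth-sidecar:2.0", "service": "auth", "open_source": True,
     "critical": 0, "high": 1, "last_scanned": date(2024, 7, 18)},
    {"image": "reports:0.9", "service": "reports", "open_source": True,
     "critical": 0, "high": 0, "last_scanned": date(2024, 6, 10)},
    {"image": "legacy-batch:3.1", "service": "batch", "open_source": False,
     "critical": 2, "high": 0, "last_scanned": date(2024, 1, 15)},
]

def is_vulnerable(img):
    return img["critical"] + img["high"] > 0

def unique_images(images=IMAGES):
    """Metric 1: images deduplicated per technical service (one service with
    several images counts once) and the share of those that are open source."""
    first_per_service = {}
    for img in images:
        first_per_service.setdefault(img["service"], img)
    n = len(first_per_service)
    return n, 100 * sum(i["open_source"] for i in first_per_service.values()) / n

def vulnerable_images(images=IMAGES, today=TODAY):
    """Metric 2: count and percentage of vulnerable images, and the change in
    that percentage between the last 30 days and the 30 days before."""
    def pct(subset):
        return 100 * sum(map(is_vulnerable, subset)) / len(subset) if subset else 0.0
    recent = [i for i in images if today - WINDOW < i["last_scanned"] <= today]
    previous = [i for i in images if today - 2 * WINDOW < i["last_scanned"] <= today - WINDOW]
    vuln = [i for i in images if is_vulnerable(i)]
    return len(vuln), pct(images), pct(recent) - pct(previous)

def multiple_critical_high(images=IMAGES):
    """Metric 3: images with two or more critical/high findings, out of vulnerable images."""
    vuln = [i for i in images if is_vulnerable(i)]
    return sum(i["critical"] + i["high"] >= 2 for i in vuln), len(vuln)

def not_scanned_recently(images=IMAGES, today=TODAY):
    """Metric 4: images whose last scan is older than STALE_DAYS."""
    cutoff = today - timedelta(days=STALE_DAYS)
    return [i["image"] for i in images if i["last_scanned"] < cutoff]
```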

Images not scanned in last 150 days

Once selected, the Images not scanned in the last 150 days section provides detailed information in the Top 5 applications with vulnerable images chart and in the Image details table, both restricted to images that have not been scanned in the past 150 days.

Top 5 applications with vulnerable images

The Vulnerabilities by severity for the Top 5 applications graph shows the total number of vulnerabilities distributed across two severity categories: Critical and High.
This visualization supports:
  • Application filtering: The graph adjusts based on the selection in the application dropdown menu. By default, it displays data for all applications.
  • Timeline adjustment: It supports a selectable timeline that defaults to the past 7 days and can be adjusted as needed.
  • Release selection: The graph also updates based on the release selected in the Release dropdown.

Image details table

The Image details table provides a detailed view of each image's vulnerabilities. The table adjusts based on the selections made in two dropdowns: Technical service and Severities. By default it shows all applications and data from the past 7 days. Here's what each column represents:
  • Image: The name of the image.
  • Version: The version of the image.
  • Technical service: The technical service associated with the image.
  • Application: The application to which the image is linked.
  • Release: The release under which the image falls.
  • Total vulnerabilities: The total number of identified vulnerabilities.
  • Critical and High: The number of vulnerabilities in each severity category.
  • Last scanned: The date the image was last scanned for vulnerabilities.
  • Tools Engine: The name of the tool engine in use.
The Image details table displays all data for the selected timeframe. All columns in this table can be sorted except the Tools Engine column. Above the table you will find a search box for searching technical services by name, and a Settings icon that lets you show or hide the pre-selected columns. Additionally, an export function lets you download a zip report of the table for offline analysis and record-keeping.

Image details view

The Image details view can be accessed by selecting the vertical ellipsis menu to the far right of the image in the table and then selecting View details. This page provides a comprehensive view of the vulnerabilities associated with a specific image: you will see the Image name, the Version, and a Vulnerability summary categorized as Critical and High.
The table on this page gives detailed information about each vulnerability as follows:
  • Package Name: The package associated with the image.
  • Path: The path to the package.
  • Issue ID: The unique identifier for the vulnerability.
  • Severity: The severity level of the vulnerability.
  • Description: A summary of the vulnerability.
  • CVSS Score: A numerical representation, from 0 to 10, of the severity of the security vulnerability.
  • Fixed Version: The version in which the vulnerability has been addressed and resolved.