DevOps Intelligence supports a view of security vulnerabilities that you can monitor.
Selecting Container Vulnerability Scan opens the Vulnerabilities by severity dashboard, which charts vulnerabilities by severity under the following criteria:
This graph represents the total number of vulnerabilities detected, aggregated according to the day-month timeline selection. You can filter the graph data by application and team using the drop-down menus. By default, it covers all applications, all teams, and default organizations, and it represents 180 days of data.
Severities are classified into 4 categories:
Critical: Dark red square.
High: Red square.
Medium: Orange square.
Low: Sky blue square.
Info: Green square.
Vulnerability by Severity
The Vulnerabilities by Severity widget provides details about any vulnerabilities detected within a container image, by means of a bar graph with two axes, described as follows:
X-Axis (Duration): The X axis corresponds to the months and dates from the time period selected to show data.
Y-Axis (Total Vulnerabilities): The Y axis corresponds to the number of vulnerabilities detected in the selected time period.
By hovering over the bars in the graph, you can view the total number of vulnerabilities detected and the severity they belong to, as follows:
Group: The severity to which the vulnerabilities belong.
Duration: The cut-off date for the vulnerabilities detected.
Total/Value: The total number of vulnerabilities detected.
By placing the cursor right above a bar, aligned with its center, the following information is displayed:
Range: The cut-off date for the vulnerabilities detected.
Critical: Total number of vulnerabilities detected and classified as Critical severity.
High: Total number of vulnerabilities detected and classified as High severity.
Low: Total number of vulnerabilities detected and classified as Low severity.
Total: Total number of vulnerabilities detected, including all severities.
Top Critical Technical services
This chart represents the top 5 technical services listed according to their criticality.
This table represents the list of technical services with the latest data scan per technical service. Each row in the table displays information for a specific technical service, separated by columns of information type:
Technical service: The name of the micro technical service within the larger application.
Application: The name of the application, which typically comprises multiple micro technical services.
Vulnerabilities: Total number of vulnerabilities detected for the technical service.
Critical: Total number of critical vulnerabilities detected for the technical service.
Scanned on: When the technical service was scanned.
Secure engine: The security source tool that is configured.
Export functionality
The Export functionality has two drop-down menus, one for technical services and one for severity levels. Technical services refer to specific features or functionalities of a software system, and severity levels indicate the severity of issues that require attention: Critical, High, Medium, Low, and Info.
To generate a report, you must select at least one service from the technical services menu and a severity status. Once you have selected the technical services and severity level, you can generate a custom report that focuses on the specific features or functionalities of interest and provides relevant information about the selected issues.
The report is saved as a zip file, which you can download and share with colleagues, stakeholders, or other interested parties.
Container Vulnerability Scan details
The Table view supports sorting, which lets you toggle between ascending and descending alphanumeric order for all columns except URL Vulnerabilities. It also supports a detailed view for each technical service. To access details for a specific technical service, click the row for that technical service.
When you click on a technical service from the Table View, a new dialog appears with package details for the technical service. The following elements are displayed in this dialog:
The title: Name of the Service in question.
The sub-title: Container Vulnerability Scan Details.
A search feature that facilitates the search of a specific package name.
A table that displays information for a specific package, separated by columns of information type:
Package Name
Package Version
Package Path
Image Digest
Vulnerability ID
Severity
Description
CVSS Score
The Secure dashboard also supports functionality for Bring Your Own Image. For integration with other Secure Tools, see Bring your own tools.