Services

Explore Kyndryl Bridge Services

Container vulnerability
Published On Apr 28, 2026 - 1:51 PM

Container vulnerability

DevOps Intelligence supports a view of security vulnerabilities that you can monitor.
Selecting Container Vulnerability Scan dashboard displays graphs representing the severity of vulnerabilities in a chart, under the following criteria:
This graph represents the total number of vulnerabilities detected aggregated according to day-month timeline selection. Graph data supports selections of a Drop-down menu application & teams. By default, it is for all applications, all teams & default organizations and it represents 180 days old data.
Severities are classified into 4 categories:
  • Critical
    : Dark red square.
  • High
    : Red square.
  • Medium
    : Orange square.
  • Low
    : Sky blue square.
  • Info
    : Green square

Display Filters

The dashboard is equipped with two filters to tailor data presentation to specific requirements:
  • Global Filter:
     Filter by application and duration (time span in days from selected origin to present) for example, the past 30 days. Default
    All
    .
  • Release Filter:
     Filter by a specific release such as 8/27/2025. Default
    All
    .
The two filters work in concert to limit presented data to the selected application AND duration AND Release. If both are set to the default
All
 all data is presented. However, if for example, you filter on
my_application
 (global filter) and release
July 23, 2025
 (release filter), the dashboard presents only data for
my_application
 at release
July 23, 2025
.

Vulnerability by Severity

The Vulnerabilities by Severity widget provides details about any detected vulnerabilities within a container image, by means of a bar graph that presents two axis, described as follows:
  • X-Axis (
    Duration
    ): The X axis corresponds to the months and dates from the time period selected to show data.
  • Y Axis (
    Total Vulnerabilities
    ): The Y axis corresponds to the number of vulnerabilities detected in the selected time period.
By hovering over the bars in the graph, you can view data about total number of vulnerabilities detected and the severity they belong to, as follows:
  • Group:
     The severity to which the vulnerabilities belong.
  • Duration:
     The cut out date for the vulnerabilities detected.
  • Total/Value:
     The total number of vulnerabilities detected.
By placing the cursor right above a bar, in alignment with the center of it, the following information is displayed:
  • Range:
     The cut-out date for detected Vulnerabilities.
  • Critical:
     Total number of vulnerabilities detected and classified as Critical severity.
  • High:
     Total number of vulnerabilities detected and classified as High severity.
  • Low:
     Total number of vulnerabilities detected and classified as Low severity.
  • Total:
     Total number of vulnerabilities detected including all severities.

Top Critical Technical services

This chart represents the top 5 technical services listed according to their criticality.
This table represents the list of technical services with the latest data scan per technical service. Each row in the table displays information for a specific technical service, separated by columns of information type:
  • Technical service:
     The name of the micro technical service within the larger application.
  • Application:
     The name of the application typically comprises multiple microtechnical services.
  • Vulnerabilities:
     Total number of vulnerabilities detected for technical service.
  • Critical:
     Total number of critical vulnerabilities detected for technical service.
  • Scanned on:
     The technical service was scanned.
  • Secure engine:
     The security source tool is configured.

Export functionality

The Export functionality feature has two dropdown menus for technical services and severity levels. Technical services refer to specific features or functionalities of a software system, and severity levels indicate the severity of issues that require attention i.e: Critical, High, Medium, Low, and Info.
To generate a report, you must select at least one service from the technical services menu and a severity status. Once you have selected the technical services and severity level, you can generate a custom report that focuses on the specific features or functionalities of interest and provides relevant information about the selected issues.
The report is saved as a zip file, which you can easily download and share the reports with colleagues, stakeholders, or other interested parties.

Container Vulnerability Scan details

The Table view supports a sort feature for the following column that enables you to toggle between ascending and descending alphanumeric order for all columns except for URL Vulnerabilities. It also supports detailed views for each technical service, to access details for a specific technical service, click the row for that technical service.
When you click on a technical service from the Table View, a new dialog appears with package details for the technical service. The following elements are displayed in this dialog:
  • The title
    Name of the Service
     in question.
  • The Sub-title
    Container Vulnerability Scan Details
    .
  • A search feature that facilitates the search of a specific package name.
  • A table that displays information for a specific package, separated by columns of information type:
    • Package Name
    • Package Version
    • Package Path
    • Image Digest
    • Vulnerability ID
    • severity
    • Description
    • CVSS Score
The Secure dashboard also supports functionality for Bring Your Own Image. For integration with other Secure Tools, see Bring your own tools.

Toggel: vulnerable services vs. all services

By default, the dashboard shows only services that contain vulnerabilities, which means not all services are displayed. Click the Show All toggle to display all services for selected applictions, regardless of vulernability.
Do you have two minutes for a quick survey?
Take Survey