Improved Vulnerability Scanner #1761
Comments
|
Thanks a lot for this 👏 |
|
I'd like to add a suggestion. It would be useful for a feature to run a full-rescan of a registry. I have many, many images in Portus/Registry prior to configuring Clair and I now cannot rescan those images it seems. |
|
Will this include updating to use the Clair V3 API too? |
I see that this version of the API is only included in the That being said, I remember that there were some changes on the Thanks for the heads up 👍 |
|
Is there any way to have it run the scan against the entire registry once you enable clair? |
Abstract
The first phase of the vulnerability scanner allowed the general scanning of repositories. In order to make better and more precise conclusions out the results it is desired to improve the vulnerability scanner.
This issue here is intended to track all the effort related to deliver an improved version of the vulnerability scanner.
The issue #1658 targets some of the features
Related Tasks
Store vulnerabilities in a more clever way #1669 Store vulnerabilities in a more clever way.
Periodic scanning of images:
Scanning should not only happen once after an image is pushed. Images should be scanned on a regular basis. There should be an option to control the scheduler. (Examples: How Often, Scan only Latest, Newest, SemVer newest, Tag RegEx and so forth.)
Better Vulnerability overview and reporting.
Overview of images the vulnerable. (Examples: Sort images by vulnerability. All vulnerabilities of latest images)
Add vulnerability results to audit trail.
See if Pushed images are vulnerable
Vulnerability Notifications.
Get Notification if Vulnerable images becomes vulnerable. (Example: All, Only Latest)
You are invited to make suggestions
The text was updated successfully, but these errors were encountered: