Scan Result Details

When you drill down into the Scan Results list, the details menu provides a variety of ways to view vulnerability and policy violation data at a glance.

  • Policy Summary views

  • Vulnerabilities summaries

  • Content summaries

These summaries provide:

  • An easy-to-parse view of why a specific image failed

  • Which rules generated the most Warn and Stop actions

  • Overview of how an image has performed against the various audit policies that have been put in place

  • Ability to filter for high-severity CVEs, and see which have an available fix

You can also download the Policy Summary to PDF and the Vulnerabilities Summary to a CSV file.

Policy Results Views

Summary

The landing page of a Scan Results detail is the Policy Summary view.

You can:

  • Get a birds-eye view of scanning status

  • Drill down to a detail page

  • Click Download as PDF to get a full report, including all underlying CVEs.

  • Added On: See the date and time the scan was added.

  • Added By: See the mechanism by which the scan was reported.

    Possible values are: Sysdig Secure UI, Node Image Analyzer, API, Sysdig Inline Scanner, or Scanning alert.

  • Re-evaluate: Click the button to fetch the newest scan results

scan_results_1.jpg

Select Dates for Past Scans

From the dropdown, select the date of the scan you'd like to analyze.

Review Scanning Policy Details

Select a listed Policy to see details about the STOP and WARN actions triggered in the Evaluation,

as well as the underlying Rules affected.

result_policy.png

Review Vulnerability Summaries

Select either Operating System-related or Non-Operating System-related Vulnerability summaries to review.

You can:

  • Get a birds-eye-view of vulnerability status

  • Click a CVE number to get the full details and/or add it to an Exceptions list

  • Search or filter by severity: Critical, High, Medium, Negligible, Unknown. Also filter by whether it "Has a Fix".

  • Click Download CSV to get the vulnerabilities data as a CSV file

  • Open the Vulnerabilty Details panel on the right by selecting an image from the list

  • Added On: See the date and time the scan was added.

Screen_Shot_2021-03-17_at_12_29_23_PM.png

Vulnerability Comparison

The vulnerability comparison allows users to compare two different tags within the same repo to see which vulnerabilities are new or have been fixed in version X compared to version Y.

This allows developers easily to compare the latest image to a previous version to easily report on which vulnerabilities have been addressed and which are new.

  1. Select an image from a line in the Scan Results list.

  2. From the Compare To drop-down, select another version of this image with which to compare.

  3. The comparison report is displayed.

    vuln_comp_results.png

Review Content Details

Navigate through node, ruby, python, java, OS packages, and the files in a container to search for details about a particular package or file.

374671248.png