ScanStep using anchorctl filtering report
complete
R
Rose quartz Chicken
Good Day, we are currently using Anchore via your image which uses anchorectl to generate a Security Testing report. The report is being created without issue. However, the report includes the base layer of the image as well as application data. We would like the report to only show the application data layer. For example we have things like VIM or Ubi8 os related library file CVEs. This is confusing our customers as they are only concerned with there application data and what they need to remedy within their source code. Thank You.
Log In
Lavakush
updated the status to
complete
P
Papaya whip Locust
Feature to support above request is GA'ed please find the doc link https://developer.harness.io/docs/security-testing-orchestration/set-up-scans/container-scanning/base-image-vulnerabilites/base-image-detection/
This post was marked as
in progress
Pritesh Chandaliya
updated the status to
next fiscal quarter
We will have a dedicated view under the STO security tests page to show the base image vulnerabilities. This should solve the problem.
Its planned for Q2.