Configure Vulnerability Scanning on a Per-Project Level
Cloud administrators and DevOps administrators can set threshold values that prevent vulnerable images that exceed the threshold from being run. An automated scan on new images that are pushed to the project registry is also available.
- In the Management Portal, navigate to Administration > Projects > Your_project > Configuration.
- To prevent vulnerable images from your project repository to run, select the Prevent vulnerable images from running check box.
(Optional) Change the severity level of vulnerabilities found that prevents an image to run.
Images cannot be run if their level equals the currently selected level or higher.
To activate an immediate vulnerability scan on new images that are pushed to the project registry, select the Automatically scan images on push check box.
- To verify the scan results, click the Repositories tab, expand the image repository and hover over the report under vulnerability.