Skip to content

Commit

Permalink
Merge pull request #124 from shipwright-io/qu1queee/fixy
Browse files Browse the repository at this point in the history
Fix some markdown formatting for Vulscan blog
  • Loading branch information
openshift-merge-bot[bot] authored Jul 16, 2024
2 parents 874e44b + 8b0d0a7 commit a8a3534
Showing 1 changed file with 9 additions and 9 deletions.
18 changes: 9 additions & 9 deletions content/en/blog/posts/2024-07-15-vulnerability-scanning.md
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ You can learn more by visiting this [link](https://shipwright.io/blog/2020/11/30

Vulnerability scanning for container images involves examining the image for known security vulnerabilities. This is typically done using automated tools that compare the contents of the image against a database of known vulnerabilities. The key reasons for Vulnerability Scanning are:
- **Security**: Containers often include third-party libraries and dependencies, which might have known vulnerabilities. If these vulnerabilities are exploited, they can lead to data breaches, unauthorized access, and other security incidents.
- **Compliance: Many industries have regulatory requirements that mandate regular security assessments, including vulnerability scanning. Ensuring your container images are free from known vulnerabilities helps in meeting these compliance standards.
- **Compliance**: Many industries have regulatory requirements that mandate regular security assessments, including vulnerability scanning. Ensuring your container images are free from known vulnerabilities helps in meeting these compliance standards.
- **Stability**: Vulnerabilities can also impact the stability and performance of your applications. By identifying and fixing these issues early, you can maintain the reliability of your software.

There are many popular tools available for vulnerability scanning of container images, such as Clair, Trivy, Aqua Security, and Snyk.
Expand All @@ -54,14 +54,14 @@ spec:
**Configuration Options**
- `vulnerabilityScan.enabled`: Specify whether to run vulnerability scan for image. The supported values are true and false.
- `vulnerabilityScan.failOnFinding`: Indicates whether to fail the build run if the vulnerability scan results in vulnerabilities. The supported values are true and false. This field is optional and false by default.
- `vulnerabilityScan.ignore.issues`: References the security issues to be ignored in vulnerability scan
- `vulnerabilityScan.ignore.severity`: Denotes the severity levels of security issues to be ignored, valid values are :
- low : it will exclude low severity vulnerabilities, displaying only medium, high and critical vulnerabilities
- medium : it will exclude low and medium severity vulnerabilities, displaying only high and critical vulnerabilities
- high : it will exclude low, medium and high severity vulnerabilities, displaying only the critical vulnerabilities
- `vulnerabilityScan.ignore.unfixed`: Indicates to ignore vulnerabilities for which no fix exists. The supported types are true and false.
- `vulnerabilityScan.enabled`: Specify whether to run vulnerability scan for image. The supported values are true and false.
- `vulnerabilityScan.failOnFinding`: Indicates whether to fail the build run if the vulnerability scan results in vulnerabilities. The supported values are true and false. This field is optional and false by default.
- `vulnerabilityScan.ignore.issues`: References the security issues to be ignored in vulnerability scan
- `vulnerabilityScan.ignore.severity`: Denotes the severity levels of security issues to be ignored, valid values are:
- low: it will exclude low severity vulnerabilities, displaying only medium, high and critical vulnerabilities.
- medium: it will exclude low and medium severity vulnerabilities, displaying only high and critical vulnerabilities.
- high: it will exclude low, medium and high severity vulnerabilities, displaying only the critical vulnerabilities.
- `vulnerabilityScan.ignore.unfixed`: Indicates to ignore vulnerabilities for which no fix exists. The supported types are true and false.

## Lets dive right in

Expand Down

0 comments on commit a8a3534

Please sign in to comment.