mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
36 lines
1.7 KiB
Plaintext
36 lines
1.7 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * security/pod-vulnerabilities-scan.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="security-pod-scan-cso-using_{context}"]
|
|
= Using the {rhq-cso}
|
|
|
|
The following procedure shows you how to use the {rhq-cso}.
|
|
|
|
.Prerequisites
|
|
|
|
* You have installed the {rhq-cso}.
|
|
|
|
.Procedure
|
|
|
|
. On the {product-title} web console, navigate to *Home* -> *Overview*. Under the *Status* section, *Image Vulnerabilities* provides the number of vulnerabilities found.
|
|
|
|
. Click *Image Vulnerabilities* to reveal the *Image Vulnerabilities breakdown* tab, which details the severity of the vulnerabilities, whether the vulnerabilities can be fixed, and the total number of vulnerabilities.
|
|
|
|
. You can address detected vulnerabilities in one of two ways:
|
|
+
|
|
.. Select a link under the *Vulnerabilities* section. This takes you to the container registry that the container came from, where you can see information about the vulnerability.
|
|
|
|
.. Select the *namespace* link. This takes you to the *Image Manifest Vulnerabilities* page, where you can see the name of the selected image and all of the namespaces where that image is running.
|
|
|
|
. After you have learned what images are vulnerable, how to fix those vulnerabilities, and the namespaces that the images are being run in, you can improve security by performing the following actions:
|
|
|
|
.. Alert anyone in your organization who is running the image and request that they correct the vulnerability.
|
|
|
|
.. Stop the images from running by deleting the deployment or other object that started the pod that the image is in.
|
|
+
|
|
[NOTE]
|
|
====
|
|
If you delete the pod, it might take several minutes for the vulnerability information to reset on the dashboard.
|
|
==== |