All Products
Search
Document Center

Security Center:View image scan results

Last Updated:Mar 12, 2024

Security Center provides the feature of container image scan to detect system vulnerabilities, application vulnerabilities, baseline risks, and malicious image samples in your images, and displays the detected risks by category. This way, you can view the overall security status of your images. This topic describes how to view the risks in your images.

Prerequisites

Container image scans are performed. For more information, see Scan images.

Background information

You can use container image scan to detect image system vulnerabilities, image application vulnerabilities, baseline risks, malicious image samples, and sensitive image files. You can use the feature to fix only specific image system vulnerabilities. We recommend that you handle risks in containers at the earliest opportunity based on the information provided by Security Center. The information includes fixing commands, impact descriptions, and paths to malicious files.

View risk statistics

Security Center allows you to view the statistics of images with high, medium, and low risks, and the statistics and lists of scanned and unscanned images. This way, you can quickly identify images that are at risk.

  1. Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. You can select China or Outside China.In the left-side navigation pane, choose Protection Configuration > Container Protection > Image Security.

  2. On the Image Security page, view the following statistics:

    • Numbers of images with high, medium, and low risks

      In the upper part of the Image Security page, click the number below High-risk Image, Medium-risk Image, or Low-risk Image. On the Container page, view the details of images.

    • View the numbers of scanned images and unscanned images

      In the upper part of the Image Security page, click the number below Scanned Images or Unscanned Image. In the Scanned Images or Unscanned Images panel, view the list of scanned images or unscanned images.

      Important

      The image list in the Unscanned Images panel displays the images that are not scanned and the images that failed to be scanned.

View image system vulnerabilities

  1. Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. You can select China or Outside China.In the left-side navigation pane, choose Protection Configuration > Container Protection > Image Security.

  2. On the Image Security page, click the Image Vulnerability tab.

  3. On the System Vulnerability tab, view the image system vulnerabilities that are detected.

    You can perform the following operations:

    • Search for vulnerabilities

      On the System Vulnerability tab, filter vulnerabilities by vulnerability priority, instance ID, repository name, namespace, digest, or vulnerability name. A vulnerability priority can be high, medium, or low. You can also select Image Scan or Container Runtime Image Scan to filter vulnerabilities.

      Note

      You can search for vulnerabilities by repository or vulnerability name. Fuzzy match is supported.

    • View vulnerability details

      Find the vulnerability whose details you want to view and click View in the Operation column. On the page that appears, perform the following operations based on your business requirements:

      • View the details of the Alibaba Cloud vulnerability library

        Click the Common Vulnerabilities and Exposures (CVE) ID to go to the Alibaba Cloud vulnerability library. This library displays details of the vulnerability, including the vulnerability description, basic information, and the solution to fix the vulnerability.

      • View the fixing commands and impact descriptions

        Click Details to view the fixing commands and impact descriptions.

        Note

        Security Center does not support quick fixes of image system vulnerabilities. You can manually locate and fix the vulnerabilities based on the fixing commands and impact descriptions. After you fix an image system vulnerability, click Scan Now on the Image Security page to update the vulnerability status on the System Vulnerability tab.

    • Export the list of image system vulnerabilities

      You can click the The Export icon icon in the upper-right corner of the vulnerability list to export the list of image system vulnerabilities with a few clicks.

View image application vulnerabilities

  1. Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. You can select China or Outside China.In the left-side navigation pane, choose Protection Configuration > Container Protection > Image Security.

  2. On the Image Security page, click the Image Vulnerability tab and then the Image Application Vul tab.

  3. On the Image Application Vul tab, view the image application vulnerabilities that are detected.

    You can perform the following operations:

    • Search for vulnerabilities

      On the Image Application Vul tab, filter vulnerabilities by vulnerability priority, instance ID, repository name, namespace, digest, or vulnerability name. A vulnerability priority can be high, medium, or low. You can also select Image Scan or Container Runtime Image Scan to filter vulnerabilities.

      Note

      You can search for vulnerabilities by repository or vulnerability name. Fuzzy match is supported.

    • View vulnerability details

      Find the vulnerability whose details you want to view and click View in the Operation column. In the vulnerability details panel, perform the following operations based on your business requirements:

      • View the details of the Alibaba Cloud vulnerability library

        Click the CVE ID to go to the Alibaba Cloud vulnerability library. This library displays details of the vulnerability, including the vulnerability description, basic information, and the solution to fix the vulnerability.

      • View the fixing commands and impact descriptions

        Click Details to view the fixing commands and impact descriptions.

    • Export the list of image application vulnerabilities

      You can click the The Export icon icon in the upper-right corner of the vulnerability list to export the list of image application vulnerabilities with a few clicks.

View the results of image baseline checks

  1. Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. You can select China or Outside China.In the left-side navigation pane, choose Protection Configuration > Container Protection > Image Security.

  2. On the Image Security page, click the Image Baseline Check tab.

  3. On the Image Baseline Check tab, view the results of image baseline checks.

    You can perform the following operations:

    • Filter the results of image baseline checks

      You can use the filter above the results of image baseline checks to search for results by severity. The severity can be Important, Medium risk, or Low. You can also enter search conditions in the search box above the results of image baseline checks to search for results by baseline name or type.

    • View the results of image baseline checks

      In the results of image baseline checks, you can view the information such as Baseline Name/Category, Affected Mirrors, Latest scan time, First Scan Time, and Status.

    • View the details of the result of an image baseline check

      In the results of image baseline checks, you can find a baseline and click Details in the Operation column to view the details of the result. You can view information such as the addresses and versions of the images that are affected by the baseline, and the number of baseline risks detected on the images. You can find an image and click Details in the Operation column. In the panel that appears, you can view the details of the risk items of the image.

    • Export the results of image baseline checks

      You can click the The Export icon icon in the upper-right corner of the results of image baseline checks to export the results with a few clicks.

View malicious image samples

  1. Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. You can select China or Outside China.In the left-side navigation pane, choose Protection Configuration > Container Protection > Image Security.

  2. On the Image Security page, click the Image Malicious Sample tab.

  3. On the Image Malicious Sample tab, view the detected malicious image samples.

    Important

    A malicious image sample may change the memory attributes from readable and writable to readable and executable or modify the network proxy settings to intrude into your server. We recommend that you handle the malicious image samples at the earliest opportunity.

    You can perform the following operations:

    • Search for malicious image samples

      In the upper-left corner of the list of malicious image samples, select Urgent, Suspicious, or Notice to query malicious image samples. You can also filter malicious image samples by instance ID, repository name, namespace, digest, or malicious sample name.

    • View malicious image samples

      In the list of malicious image samples, you can view the sample names, number of affected images, first scan time, last scan time, and processing status.

    • View the details of a malicious image sample

      Find the malicious image sample whose details you want to view and click Details in the Operation column.

    • Export the list of malicious image samples

      You can click the The Export icon icon in the upper-right corner of the sample list to export the list of malicious image samples with a few clicks.

View sensitive image files

  1. Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. You can select China or Outside China.In the left-side navigation pane, choose Protection Configuration > Container Protection > Image Security.

  2. On the Image Security page, click the Sensitive Image File tab.

  3. On the Sensitive Image File tab, view the detected sensitive image files.

    You can perform the following operations:

    • Search for sensitive image files

      In the upper-left corner of the list of sensitive image files, select High, Medium, or Low to query sensitive image files. You can also filter sensitive image files by alert type of sensitive files or type of sensitive information.

    • View sensitive image files

      In the list of sensitive image files, you can view the alert types of sensitive files, types of sensitive information, number of affected images, first scan time, and last scan time.

    • View the details of a sensitive image file

      To view the images that are affected by a sensitive image file, find the sensitive image file and click Details in the Operation column. To view the sensitive image files that affect an image, find the affected image and click Details in the Operation column. We recommend that you estimate risks based on your business requirements, remove file content that may cause security risks, and then recreate the image.