After you install a CI/CD plug-in on Jenkins or GitHub, Security Center scans images in a Jenkins or GitHub project for risks when you build the project. You can view image scan results and handle risks based on the solutions that are provided by Security Center. This topic describes how to view image scan results.

Procedure

  1. Log on to the Security Center console.In the left-side navigation pane, choose Protection Configuration > Container Protection > CI/CD Integration Settings.
  2. In the CI/CD plug-in list of CI/CD Integration Settings page, find the plug-in that is used to scan images and click View in the Actions column. The Container page appears.
  3. On the Image tab of the Container page, view the image scan results.
    You can view the recently scanned images in the image list. You can also search for an image by image ID or image tag.
  4. Find the image whose risks you want to handle and click Handle in the Actions column to go to the image details page.
    • On the image details page, you can view the following information: Image System Vul, Image Application Vul, Image Baseline Check, and Image Malicious Sample. In the upper-left corner of the vulnerability list, you can filter vulnerabilities by priority. You can also search for specific vulnerabilities.
    • If you want to view the details about a vulnerability, click View in the Operation column. The details page that appears provides the affected assets, the command that can be used to fix the vulnerability, and other details.