Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-6028

RHACS: Expose vulnerability source as a search filter and policy criteria

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • RHACS
    • None
    • False
    • None
    • False
    • Not Selected

      Business Problem:

      Customers want to be able to assign responsibility for resolving vulnerabilities to different teams depending on the source. Many customers separate the task of building base images, with OS packages, from the task of adding application-specific layers.

      ACS displays information about the source of a vulnerability using values like OS, JAVA, PYTHON, RUBY, in order to display this information in the UI.

      This information is also available from the API and 'roxctl image scan' where the JSON object has a field "source"

       

      Use Cases:

      _Customer InfoSec staff want to write a policy that identifies Critical, Fixable vulnerabilities of source "OS" and attach a notifier to the Platform team responsible for maintaining base images.
      _

      Customer InfoSec staff want to write a separate policy that identifies Critical, Fixable vulnerabilities of source "JAVA" and attach a notifier that alerts the application team that owns this.

       

      Key Functionality:

      [Outline the main functions and capabilities of the feature]

       

      Benefits:

      [Highlight the benefits/advantages of the suggested feature if not addressed above]]

      Acceptance criteria:

      [Describe the key features that need to be covered by the feature to be able to satisfy the customer]

      Implementation Suggestions (optional):

      • Integration: [Specify any existing systems or tools that the new feature should integrate with]

       

      • Dependencies: [Describe any dependencies on other 3rd party integrations or OCP components] 

       

      • User Experience: [Provide suggestions for designing the UI to optimize usability. Highlight other relevant aspects of the user experience ]

       

      Timeline:

      [Specify the preferred implementation date or any specific deadlines for the feature implementation]

       

      Please use the following Jira fields to complete this Feature Request

      1. [Jira Field] Summary Required: [Provide a clear and concise name/description for the feature]
      2. [Jira Field] Description:
      3. [Jira Field] Component:
      4. [Jira Field] Priority: [Indicate the importance or urgency of the feature on a scale of High, Medium, or Low]
      1. [Jira Field] Supporting Documentation:
         
      1. [Attach any relevant documents, research, or supporting materials that provide additional context or information]

       

       

              bmichael@redhat.com Boaz Michaely
              cporter@redhat.com Christopher Porter (Inactive)
              Anjali Telang, Boaz Michaely, Doron Caspin, JP Jung, Maria Simon Marcos, Shubha Badve
              ACS Core Workflows
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: