10.7. Tool version menu

To see the detailed info of Docker image version:

  1. Click any Tool version:
    CP_ToolVersionMenu
  2. Tool version menu will be shown:
    CP_ToolVersionMenu

Vulnerabilities report

This tab contains the detailed info of the Docker image's scanning results.
Here you can see vulnerable components (a). Each component has severity estimation (b):
CP_ManageTools

Expand each component details by clicking the "Plus" icon to see more information about it:
a) link to a page of the vulnerability description
b) the component version in which this vulnerability was fixed
c) severity level
d) short description of the vulnerability (it appears when hovering mouse pointer over the link a)
CP_ManageTools

Sort components alphabetically (1), or by their severity (2):
CP_ManageTools

Version settings

CP_ToolVersionMenu

On this tab version-level settings are defined. If these settings are specified - they will be applied to each run of the docker image version. If version-level settings are not defined: docker-level settings will be applied for launch. If docker-level settings are not defined: global defaults will be applied.
There are 3 groups of parameters that user can specify (they are analogical to the "Execution environment" of tool settings, for more details see here):

  • Execution defaults
  • System parameters
  • Custom parameters

For change version-level settings, e.g.:

  1. Select an Instance type.
  2. Set the Price type.
  3. Input the Disk size.
  4. Click Save button:
    CP_ToolVersionMenu
  5. Click CP_ToolVersionMenu button to return into the tool menu.
  6. Click Run → Custom settings for the changed tool version.
  7. Check that version-level settings are applied:
    CP_ToolVersionMenu

Note: via the Cloud Region field at the Version Settings tab, the admin/tool owner can select a specific Cloud Provider/Region to enforce users to run that tool version in it:
CP_ToolVersionMenu
By default, it has Not configured value. This means, that a tool version will be launched in a Default region (configured in the global settings) or a user can set any allowed Cloud Region/Provider manually.

Version packages

CP_ToolVersionMenu

On this tab user can see the full list software packages installed into a specific Docker image.
List of packages is generated from the docker version together with vulnerabilities scanning.
This occurs nightly (all dockers are scanned) or if admin explicitly requests scanning by clicking SCAN button for a specific version.

Currently the following types of software packages can be scanned:

  • System package manager's database (i.e. yumapt)
  • R packages
  • Python packages

Software packages are combined into groups named "Ecosystems".
To view content of any ecosystem, select it in the dropdown list:
CP_ToolVersionMenu

Information about each package contains:

  1. Package name
  2. Package description (if available)
    CP_ToolVersionMenu

For filter/search packages type some text into a search-query field. Search will be done automatically across all ecosystems:
CP_ToolVersionMenu