Examining Violations on a Watch

JFrog Security Documentation

ft:sourceType
Paligo
Overview

You can review and manage all the violations generated by a Watch under a central location within the Violations tab on an ongoing basis. In addition to the Xray Data that is displayed on each of the resource levels.

You can perform the following:

Viewing Violations

The Violations tab in a Watch is the central location for viewing the detected violations based on the policies and rules you have predefined on the Watch. You can view the list of the violations, search for violations according to filters, set ignore rules, and edit the Watch in the Settings tab.

  1. In the Application module, under Security & Compliance, click Watch Violations.

  2. Select the required Watch and click the Violations tab to view the violations.

Viewing Violation Details

Click on a specific watch from the main Watch module page to examine all of its defined violations. You can filter the watch violations using the search mechanism, according to text, created date, type, severity, and CVE ID.

To examine the details of a violation, click the violation from the list to display the Violation Details popup.

Searching for Violations

You can search for specific violations according the text, minimum severity level, CVE number and Policy Type - Security or License, or both.

Ignoring Violations on a Watch

Users with the Manage Watches role can choose to ignore violations detected on a watch in cases whereby a violation is low priority, or needs to be whitelisted or dealt with in future versions. For more information, see Ignore Rules.