Operational Risk Workflow

JFrog Security Documentation

ft:sourceType
Paligo

The following is an overview of the operational Risk workflow:

#

Task

Description

For more information, see...

1

Create Operational Risk Policy

An additional Policy type was added to support Operational Risk rules. The rules are based on the risk types determined by Xray. Violations are generated based on the rule criteria you select.

Create Operational Risk Policy

2

Attach Policy to Watch

Attach the Operational Risk Policy to a Watch or Watches to apply it on your resources.

Configuring Xray Watches

3

View Operational Risk Data

View Operational Risk Data for your components in the Xray Data tab in Artifactory.

View Operational Risk Data

4

View Violations

View Operational Risk violations that were generated based on the Policy rules you set.

View Watch Violation Details

Note

Take note that Xray does not perform impact analysis for operational risk updates. The Operational Risk tab will always be updated. The Violations data is updated up to the latest scan (or the latest package download).