Repositories can be configured automatically to scan for JAS, as described in Set Up JFrog Advanced Security. You can also run Contextual Analysis and scan for Exposure per repository and artifact on-demand.
Starting from Xray version 3.66.x and above, you can run Contextual Analysis or scan for Exposures on an existing artifact.
Starting from Xray version 3.73.x and above, you can run Contextual Analysis and scan for Exposures per repository when needed.
Advanced Scans on Existing Artifact
Do the following:
From the Scans List page, Repositories tab, select the repository.
Navigate to the artifact you want.
Click the Actions Menu next to the artifact, and select Run Contextual Analysis or Scan for Exposures.
The results appear under Security Issues.
Advanced Scans per Repository
From the Scans List page, Repositories tab, navigate to the repository you want to scan.
Click the Actions Menu next to the repository and select Advanced Scan.
In the Advanced Scan dialog box, define the criteria. The criteria specifies which artifacts that are contained in the selected repository are to be scanned. You can select the following:
Deployed in: Defines a scope of artifacts that were deployed in Artifactory within a specific time range.
Downloaded in: Defines a scope of artifacts that were downloaded from Artifactory within a specific time range.
Any time: Any artifacts that exist within the repository.
Pattern: Defines a path within the repository. A pattern is required in addition to the date range.
Categories: Defines which JAS categories to scan for issues.
Click Next and follow the Wizard instructions.
