The following table describes Xray capabilities that are supported in the Application module:
Xray Capability | Description |
---|---|
Search for Xray Data | Search for resources containing specific vulnerability and license compliance information according to Resource Name, CVE number, license, severity level and narrow it down to a specific date range. For more information, see Searching for Scanned Resources. |
Manage Violations on a Watch | View the detected violations for a specific Watch as well as setting ignore rules if needed. For more information, see Examining Violations on a Watch. |
Analyze Your Resource Scanned Results | View Xray data on each of the scanned resources allowing you todrill down to expose greater detail and help you analyze the state of your components. For more information, see Analyzing Your Resource Scan Results. |
Integrate Xray into Your CI-CD Pipeline | JFrog Xray can be integrated into your organization's CI/CD pipeline to make sure that build jobs containing violations are stopped early in the process. As part of a fully automated process, Xray receives information about a build that has just been run by your CI server, and runs a deep recursive scan on the build down to the deepest level dependency. If any violations are found, Xray returns an indication to the calling CI server and fails the build. For more information, see CI-CD Integration with Xray. |
Integrate Xray into Your IDE | JFrog Xray is instrumental in flagging components with vulnerabilities during the development, by displaying vulnerabilities as early as possible in the developer's IDE. For more information, see IDE Integration. |