Contextual Analysis evaluates security vulnerabilities within the broader system, application, or environment. Instead of flagging issues in isolation, it assesses real-world exploitability based on system configurations, dependencies, and runtime conditions. It also considers the potential impact within the specific environment and examines vulnerabilities in the full artifact, including the build, release bundle, or deployment state.
Read more about Contextual Analysis.
- Navigate to Application > Xray > Watches & Policies.
- In the Policies tab, click New Policy.
- Enter a Policy Name.
- (Optional) Add a Description explaining the policy's purpose.
- Under Select Policy Type, select Security, and click Next.
The Create New Policy Rule window opens.
- Enter a Rule Name.
- Under Rule Type, select CVEs.
- Define the rule category and add the CVE IDs the rule should match.
- Check the Skip Not Applicable CVEs option.
This ensures that the policy does not raise violations for CVEs that the Contextual Analysis scanners found not applicable in the scanned artifact, and which therefore cannot affect your environment. Only CVEs with a positive not-applicable verdict are skipped; CVEs that are applicable, or whose applicability the scanners could not determine, are still evaluated by the rule.
- Under Then, define the policy actions, click Save Rule, and then click Next.
- Under Apply on Scope, select one or more policy watches and click Save Policy.
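The procedure above is the UI path. The following is an added example (not JFrog's code or documentation) that expresses the same policy as a REST API payload and models what the Skip Not Applicable CVEs setting does to a set of scan findings. Assumptions: the Create Policy endpoint path and the payload field names (`vulnerability_ids`, `applicable_cves_only`, the `actions` keys) are taken from memory of the Xray REST API and must be checked against your Xray version's API reference; the CVE IDs, the findings, and the applicability statuses in `FINDINGS` are constructed placeholder data; and `evaluate_rule()` is an illustrative model of the rule's behaviour, not Xray's own policy engine.

```python
"""Added example, not JFrog's code: build the policy created by the UI steps
and model how 'Skip Not Applicable CVEs' changes which findings violate.

Assumed (verify against your Xray REST API reference):
  - endpoint: POST {base_url}/xray/api/v2/policies
  - criteria field names: vulnerability_ids, applicable_cves_only
"""
import json
import urllib.request
from typing import Dict, Iterable, List

# Applicability verdicts as reported by Contextual Analysis (constructed set).
APPLICABLE = "Applicable"
NOT_APPLICABLE = "Not Applicable"
UNDETERMINED = "Undetermined"
NOT_SCANNED = "Not Scanned"


def build_cve_policy(name: str, rule_name: str, cve_ids: Iterable[str],
                     skip_not_applicable: bool = True,
                     description: str = "") -> Dict:
    """JSON body equivalent to the UI steps: a Security policy with one CVEs
    rule and 'Skip Not Applicable CVEs' enabled. Field names are assumed."""
    return {
        "name": name,
        "type": "security",
        "description": description,
        "rules": [{
            "name": rule_name,
            "priority": 1,
            "criteria": {
                "vulnerability_ids": sorted(set(cve_ids)),
                "applicable_cves_only": skip_not_applicable,
            },
            "actions": {
                "fail_build": True,
                "block_download": {"active": False, "unscanned": False},
                "notify_watch_recipients": True,
            },
        }],
    }


def create_policy(base_url: str, token: str, policy: Dict):
    """POST the policy to the assumed Xray endpoint. Not invoked by demo()."""
    req = urllib.request.Request(
        f"{base_url.rstrip('/')}/xray/api/v2/policies",
        data=json.dumps(policy).encode(),
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"},
        method="POST")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.status, resp.read().decode()


def evaluate_rule(findings: List[Dict], rule: Dict) -> List[str]:
    """Illustrative model of the rule: a finding violates when its CVE is in
    the rule's list unless skip-not-applicable is on AND the scanner gave a
    positive 'Not Applicable' verdict. Undetermined and Not Scanned findings
    are still violations: absence of a verdict is not proof of safety."""
    criteria = rule["criteria"]
    wanted = set(criteria["vulnerability_ids"])
    skip = criteria.get("applicable_cves_only", False)
    violations = []
    for finding in findings:
        if finding["cve"] not in wanted:
            continue
        if skip and finding["applicability"] == NOT_APPLICABLE:
            continue
        violations.append(finding["cve"])
    return violations


# Constructed sample findings with placeholder CVE IDs (not real scan output).
FINDINGS = [
    {"cve": "CVE-2099-0001", "applicability": APPLICABLE},      # vulnerable code reachable
    {"cve": "CVE-2099-0002", "applicability": NOT_APPLICABLE},  # vulnerable function never called
    {"cve": "CVE-2099-0003", "applicability": UNDETERMINED},    # scanner could not decide
    {"cve": "CVE-2099-0004", "applicability": NOT_SCANNED},     # no scanner for this package type
    {"cve": "CVE-2099-0005", "applicability": NOT_APPLICABLE},  # not in the rule's CVE list
]
LISTED = ["CVE-2099-0001", "CVE-2099-0002", "CVE-2099-0003", "CVE-2099-0004"]


def demo() -> Dict[str, List[str]]:
    """Compare violations with and without 'Skip Not Applicable CVEs'."""
    with_skip = build_cve_policy("ctx-aware-cves", "listed-cves", LISTED)
    without_skip = build_cve_policy("all-listed-cves", "listed-cves", LISTED,
                                    skip_not_applicable=False)
    return {
        "with_skip": evaluate_rule(FINDINGS, with_skip["rules"][0]),
        "without_skip": evaluate_rule(FINDINGS, without_skip["rules"][0]),
    }


if __name__ == "__main__":
    print(json.dumps(build_cve_policy("ctx-aware-cves", "listed-cves", LISTED), indent=2))
    print(demo())
```

Running `demo()` shows the caveat in practice: with the option on, only CVE-2099-0002 disappears from the violation list; the undetermined and not-scanned findings remain, because the policy only trusts an explicit not-applicable verdict from the scanners. To actually create the policy, call `create_policy()` with your JFrog base URL and an access token after confirming the field names.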