Create Advanced Security Policies

Security policies define rules based on security criteria, triggering automatic actions when the conditions are met. These policies are enforced when applied to Xray Watches. To ensure effective security management, it is recommended to create policies that focus on specific types of violations based on your security requirements.

Advanced Security allows you to enhance existing and newly created Xray Policies with Exposures detection and contextual analysis rules.

Violations can be viewed in:

• The Scans List
• The Watch Violations page

The following REST APIs support Advanced Security policies:

• Create Policy
• Get Policy

The following REST APIs support Contextual Analysis:

• Get Contextual Analysis per Vulnerability
• Artifact Summary
• Build Summary
• Get Violations
• List Ignored Violations
• Scan Build V1
• Get Repositories Configurations
• Update Repositories Configurations

The following REST APIs support Exposures Scanning:

• Exposures Scanning-Get Results List
• Exposures Scanning-Get Results Details
• Exposures Scanning-Get Findings
• Exposures Scanning-Get Evidence
• Exposures Scanning-Get Rows
• Get Repositories Configurations
• Update Repositories Configurations