When you enable Advanced Security for the first time, existing repositories and artifacts in Artifactory are not scanned automatically. You must manually trigger scans for the repositories and artifacts you want to analyze.
Once advanced scans are set up, they apply only to newly added artifacts and run as ongoing, recurring scans. However, you can also trigger one-time scans for an immediate, on-demand security analysis of your artifacts, containers, or codebases without waiting for scheduled scans.
The Repositories and Artifacts guides explain how to initiate and configure both ongoing and one-time advanced scans to detect:
- Vulnerabilities through Contextual Analysis
- Service risks
- Secrets exposure
- Application security issues
The following REST APIs support Advanced Security Repository and Artifact actions: