How to Send Email Notifications for Each Critical Vulnerability Found in Resource

JFrog Security User Guide

This use case describes how to configure Xray Policies and Watches to trigger an email notification for a resource that contains a Critical vulnerability.

Step 1: Define a Security Policy for Critical Vulnerabilities

Goal: Create a policy to trigger email notifications for each Critical vulnerability found in a resource.

  1. Navigate to Application > Xray > Watches & Policies.
  2. Click New Policy, enter a name, and select Security as the type.
  3. Configure the rule:
    1. Enter a rule name.
    2. Select the CVEs rule type.
    3. Set the Minimal Severity to Critical.
    4. Select the Notify Email action and enter a valid email address.
  4. Under Apply on Scope, attach the policy to a Watch.
  5. Save the policy.

Step 2: Test Email Notification (Build with Critical Vulnerability)

Goal: Ensure that email notifications are sent when a build contains a Critical vulnerability.

Scenario: Vulnerable Build in CI/CD (Notified)

A Jenkins pipeline attempts to build an application that uses a vulnerable package.

Expected Result:

  • A violation is created for the build due to the Critical vulnerability.
  • The email recipient receives an email notification.
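The same policy and watch described in Step 1, and the check for the violation expected in Step 2, can be driven from the Xray REST API instead of the UI. The script below is an added example written for this guide, not JFrog's own code: it assumes `XRAY_URL` (the `https://<host>/xray` base) and `XRAY_TOKEN` environment variables, and uses the endpoint paths and JSON field names of the Create Policy (`/api/v2/policies`), Create Watch (`/api/v2/watches`) and Get Violations (`/api/v1/violations`) calls as published in the Xray REST API reference; confirm them against the reference for your Xray version before use. The recipient address and the sample violation response are constructed placeholders.

```python
"""Create the Critical-vulnerability policy and watch from Step 1 via the
Xray REST API, then query violations raised under that watch (Step 2).

Assumed, not taken from the guide: XRAY_URL / XRAY_TOKEN environment
variables and the Xray REST API paths and field names used below.
"""
import json
import os
import urllib.request
from typing import Any, Optional


def build_security_policy(name: str, email: str) -> dict[str, Any]:
    """Policy body mirroring Step 1: type Security, one CVE rule with
    Minimal Severity = Critical and the Notify Email action."""
    if "@" not in email:
        raise ValueError(f"not a valid email address: {email!r}")
    return {
        "name": name,
        "type": "security",
        "description": "Email on every Critical vulnerability",
        "rules": [
            {
                "name": "critical-cves",
                "priority": 1,
                "criteria": {"min_severity": "Critical"},
                "actions": {
                    "mails": [email],
                    "fail_build": False,
                    "block_download": {"active": False, "unscanned": False},
                },
            }
        ],
    }


def build_watch(name: str, policy_name: str) -> dict[str, Any]:
    """Watch body for the 'Apply on Scope' step: the policy is assigned to a
    watch covering all builds, matching the Jenkins scenario in Step 2."""
    return {
        "general_data": {"name": name, "description": "Critical CVE watch", "active": True},
        "project_resources": {"resources": [{"type": "all-builds", "bin_mgr_id": "default"}]},
        "assigned_policies": [{"name": policy_name, "type": "security"}],
    }


def build_violation_query(watch_name: str, limit: int = 100) -> dict[str, Any]:
    """Filter body for the violations API: Security violations of at least
    Critical severity raised by the given watch."""
    return {
        "filters": {
            "watch_name": watch_name,
            "violation_type": "Security",
            "min_severity": "Critical",
        },
        "pagination": {"order_by": "created", "direction": "asc", "limit": limit, "offset": 1},
    }


def critical_violations(response: dict[str, Any]) -> list[dict[str, str]]:
    """Reduce a violations response ({"total_violations": n, "violations": [...]},
    shape assumed) to the Critical entries a responder would triage."""
    return [
        {
            "issue_id": v.get("issue_id", ""),
            "description": v.get("description", ""),
            "watch": v.get("watch_name", ""),
        }
        for v in response.get("violations", [])
        if v.get("severity") == "Critical"
    ]


def post(path: str, body: dict[str, Any]) -> Optional[dict[str, Any]]:
    """POST a JSON body to Xray using a bearer token; returns the parsed
    response, or None when the API answers with an empty body."""
    base = os.environ["XRAY_URL"].rstrip("/")
    req = urllib.request.Request(
        base + path,
        data=json.dumps(body).encode("utf-8"),
        headers={
            "Content-Type": "application/json",
            "Authorization": "Bearer " + os.environ["XRAY_TOKEN"],
        },
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=30) as resp:
        raw = resp.read()
    return json.loads(raw) if raw else None


if __name__ == "__main__":
    recipient = "security-team@example.com"  # placeholder recipient
    policy = build_security_policy("critical-cves-notify", recipient)
    post("/api/v2/policies", policy)
    watch = build_watch("critical-builds", policy["name"])
    post("/api/v2/watches", watch)
    # After the Jenkins build from Step 2 has been scanned, list what fired.
    result = post("/api/v1/violations", build_violation_query("critical-builds")) or {}
    for v in critical_violations(result):
        print(f"{v['issue_id']}: {v['description']} (watch {v['watch']})")
```

The builder functions are kept separate from `post` so the request bodies can be inspected, version-controlled and reviewed before anything is created on the server; the violations query is the same check a responder would run to confirm that the email was backed by a real violation rather than a delivery hiccup.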

Step 3: Review & Address the Violation

Goal: Investigate and resolve the issue.

  1. Click the link in the email; it opens the violated resource in Xray > Scans List.
  2. Go to the Violations tab and review the violation.
  3. Take action:
    • Upgrade the package to a secure version.
    • Create an Ignore Rule on the violation if it is deemed a false positive.