Deep Recursive Scan Through All Layers of an RPM package
Xray recursively peels away the different layers of your RPM packages and their dependencies ensuring that every software artifact that is included in your software has been scanned for issues and vulnerabilities.
When a vulnerability is detected, Xray shows you all the RPM packages that contain the infected artifact so you can instantly understand the impact that any vulnerable layer has on all packages in your system.
As applications, teams, and deployment infrastructure grow in complexity, developing and releasing software becomes more complicated. Xray helps reduce the cost, time, and risk of delivering changes by allowing for more incremental updates to applications in production. It allows you to drill down or zoom out to identify the exact component Xray offers a highly available active-active cluster architecture, ensuring continuous security and governance to your software packages at an enterprise level. Achieve optimal performance and resilience by scaling your Xray environment with as many nodes as you need. All workload is delegated across available cluster nodes, through a load balancer, and shared between nodes. Xray seamlessly and instantly synchronizes all data, configuration, cached objects and scheduled job changes across all cluster nodes.
Even when images uploaded to your RPM repositories in Artifactory are given a clean bill of health, Xray continues to scan them to make sure they are not infected with any new vulnerabilities that are registered with Xray’s global vulnerability database.
Through Xray’s integration with common CI servers, you can stop infected builds from ever getting to your repositories. During the build process, Xray will notify your CI server if an infected artifact is being included in your RPM packages so the build can be halted before completion.