TOC & Recently Viewed

Recently Viewed Topics

Policy Enforcement Settings

You can select one of the following enforcement actions for a policy in Tenable.io Container Security:

Option Description
Set Compliance Status to False

Use this action if you want to query Tenable.io Container Security for the policy compliance status of scanned container images.

If a scan of a container image identifies the condition specified in the policy, any API queries for the policy compliance status of the container image receive a false response (security test failed). For more information, see the description of the /policycompliance endpoint in the Tenable.io Container Security API guide.

This action is useful if you integrate Tenable.io Container Security with your CI/CD pipeline. For example, you can configure Jenkins to mark a build unstable if a container receives a failed compliance status from Tenable.io Container Security.

Prevent/Block "docker pull"

Use this action if you want to block pulls from the Tenable.io Container Security registry of any container image where a scan has identified the condition specified in the policy. For more information, see Pull from the Registry.

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.