Exposure Response
In the Exposure Response section, you create initiatives, which are projects to address vulnerabilities in your environment.
In initiatives, you track specific findings using combinations and select pipelines or registries to choose the assets in scope. Then, you assign initiatives to your team, set SLAs, and measure progress through remediation scan results.
You can use the Exposure Response section to create, assign, and report on all initiatives. As an initiative owner, you only see and work with your initiatives.
Tracking Container Images in Container Security Exposure Response
Exposure Response tracks container images by creating a list of images imported into your Container Security container and grouping them based on the following properties:
- Image Name: The specific name assigned to the container image.
- Distribution: The Linux distribution or OS variant installed on the asset (for example, Ubuntu, CentOS, Windows Server).
- Architecture: The system architecture of the asset's operating system (for example, x86_64).
- Operating System: The name and version of the operating system running on the asset (for example, Linux Kernel 3.13).
- Last Scanned: The date and time the asset was most recently scanned by Container Security.
When you select a registry or pipeline (Asset Scope), the system applies filters based on these properties to the assets. It then builds a list of assets to apply to an initiative.
Exposure Response assumes that the Image Name, Distribution, Architecture, and Operating System remain stable for a given group. The only property that changes regularly is the Last Scanned value.
Each day, Exposure Response then gathers vulnerability remediation information from the most recently scanned images and applies it to the initiatives.
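The grouping model described above can be sketched as follows. This is an added illustration, not the product's own code: the record fields, the sample data, and the seven-day staleness threshold are assumptions. It shows that an image rebuilt with a different Distribution lands in a new group, so the old group stops receiving fresh scan results.

```python
from datetime import datetime, timedelta

# Constructed sample records; field names are hypothetical, not the product's schema.
IMAGES = [
    {"registry": "prod", "name": "web", "distribution": "Ubuntu", "arch": "x86_64",
     "os": "Linux Kernel 3.13", "last_scanned": "2024-05-01T02:00:00", "open_findings": 7},
    {"registry": "prod", "name": "web", "distribution": "Ubuntu", "arch": "x86_64",
     "os": "Linux Kernel 3.13", "last_scanned": "2024-05-03T02:00:00", "open_findings": 2},
    # Same image name rebuilt on another distribution: a different group key.
    {"registry": "prod", "name": "web", "distribution": "CentOS", "arch": "x86_64",
     "os": "Linux Kernel 3.13", "last_scanned": "2024-05-04T02:00:00", "open_findings": 5},
    {"registry": "dev", "name": "api", "distribution": "Ubuntu", "arch": "x86_64",
     "os": "Linux Kernel 3.13", "last_scanned": "2024-05-04T02:00:00", "open_findings": 1},
]

# The four properties the page says are assumed stable for a group.
STABLE_KEYS = ("name", "distribution", "arch", "os")


def latest_per_group(images, registry):
    """Apply the asset scope, group on the stable properties, keep the newest scan."""
    latest = {}
    for img in images:
        if img["registry"] != registry:
            continue
        key = tuple(img[k] for k in STABLE_KEYS)
        scanned = datetime.fromisoformat(img["last_scanned"])
        if key not in latest or scanned > latest[key][0]:
            latest[key] = (scanned, img)
    return {key: img for key, (_, img) in latest.items()}


def stale_groups(groups, now, max_age=timedelta(days=7)):
    """Return group keys whose newest scan is older than max_age (assumed threshold)."""
    return sorted(
        key for key, img in groups.items()
        if now - datetime.fromisoformat(img["last_scanned"]) > max_age
    )


if __name__ == "__main__":
    groups = latest_per_group(IMAGES, "prod")
    for key, img in groups.items():
        print(key, img["last_scanned"], img["open_findings"])
    print("stale:", stale_groups(groups, datetime(2024, 5, 10, 12, 0, 0)))
```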
The following topics explain how to use these tools to create, manage, review, and report on initiatives.