Container image vulnerability detected

Set up the twistlock integration.

Goal

Detect vulnerabilities in container images.

Strategy

This rule lets you monitor Twistlock logs (@vulnerability.log_type:vulnerability) to detect vulnerabilities in a container image.

Triage and response

  1. Determine the impact of this vulnerability.
  2. Update the container image in the registry with a patched version of the software.
  3. Deploy the new image to all containers running the vulnerable image.

Change Log

29 Jun 2022 - Added queries for various vulnerability severity levels.