Module Security
N|Solid provides a backstop to your CI/CD dependency scanning by constantly downloading new vulnerability reports and checking the third-party libraries it sees loaded in memory against known security vulnerabilities, alerting you immediately if a new report matches your system. With build-based scanning alone, such a report would typically be invisible: once code makes it to production, it has already been scanned, so a vulnerability reported after your scan leaves you in the dark. With N|Solid, that is no longer the case.
Detecting Security Vulnerabilities
The Security View
If any vulnerabilities are found in your applications, the Security option in the global Navigation dropdown menu will show a red icon. Click it to see a list of vulnerabilities found for the processes matching the current Global Filter.
See more about Filtering here
Clicking on Security in the Nav Bar will display the Security Vulnerabilities view. This view displays a list of all the vulnerabilities found across all applications matching the Filter.
All of the vulnerabilities found in all applications are listed on the left. The numbered badge next to each entry indicates the number of applications affected by that vulnerability.
Use the Hide/Show toggle on the right to have a vulnerability ignored when determining the number of vulnerabilities across all of your applications.
Vulnerable Processes in the Dashboard
From the Dashboard, vulnerabilities can also be found by clicking the Modules tab below the main Dashboard table. This provides a summarized view of the main Security Vulnerabilities view.
Vulnerability Information in the Scatterplot
Selecting the Vulnerability Sort option in the Scatterplot highlights vulnerable processes with a bright red dot, while secure processes are shown with a light-colored dot.
Configuring Notifications for Security Vulnerabilities
To enable notifications for vulnerabilities, go to the Global Configuration menu.
Scroll down to the Vulnerability Notifications section. Here you can add Integrations to be invoked when a new vulnerability is found.