To view layers in a container image scan report, perform the following procedure.
Procedure
- On the left navigation pane, do one of the following depending on your system configuration and role:
- If you have the Kubernetes Security DevOps or SecOps role and your system has only the Container security feature, click Inventory > Container Images.
- If you have any other role and your system has Container security and other Carbon Black Cloud features, click Inventory > Kubernetes > Container Images.
- Click the Deployed Images tab.
- Click the name of an image in the Image Tag column.
- Click the Layers tab.
- You can search for a specific layer. You can also limit the layer table results to only those layers that have vulnerabilities: deselect the check box for Show layers with no vulnerabilities.
The Layers tab shows the following information:
- Layer name
- A
secret
ormalware
tag, if applicable - Number of packages in the layer
- Vulnerabilities and applicable fixes
- Layer size
- For more details about a layer, click the arrow icon at the right of the layer row.
In the Layer Details panel, you can:
- Copy the command that was used to create the image layer from the Layer field.
- View the layer's unique identifier in the Layer digest field.
- View malware.
- Show all vulnerabilities in this layer. Click Show all in the Vulnerabilities section to be directed to the Vulnerabilities tab. See View a Container Image Scan Report - Vulnerabilities.
- View a vulnerability summary. Click the carat icon at the left of the CVE.
- View secrets.
- Show all packages in this layer. Click Show all in the Packages section to be directed to the Packages tab. See View a Container Image Scan Report - Packages.