Manage Vulnerabilities

Manage Vulnerabilities allows you to perform the following tasks:

• Enable or disable vulnerability scanning for a repository to refine scanning report of the project.

• Auto enabling repositories for scanning vulnerabilities.

Enable/Disable a Repository for Vulnerability Scan

You can enable or disable a repository for vulnerability scanning in PCC from the Manage Vulnerabilities tab. If you enable a repository for vulnerability scanning, the repository is scanned for the vulnerabilities. If you disable the vulnerability scanning for a repository, the scanning will be skipped for the selected repository and vulnerabilities are not detected.

To enable or disable a repository for vulnerability scan, perform the following steps:

1.Login into PCC.

2. Search for the required project. The Project dashboard appears. Click Security from the LFX Tools tab.

3.The Security page appears. Click Manage Vulnerabilities tab, all repositories of the project are listed in alphabetical order.

4.Under Scan Vulnerabilities tab, toggle scan button to enable or disable a repository from scanning.

5. Under Last Scan Results tab, you can see whether the repository scan has been successful or failed while scanning the repository.

When the scan of the repository is successful, it is displayed as Successful and if there are any errors, it will be displayed as Failed.

Auto Enable Scanning of Repositories for Vulnerabilities

You have an option to auto enable scanning of repositories for vulnerability scanning when a new repository is added in the GitHub project. When you select the Auto enable option, all new repositories are scanned for the vulnerabilities.

You can the Auto Enable New Repositories toggle button to set the auto scanning of the new repositories. This button is available in the Manage Vulnerabilities tab.