Unique Vulnerability Counts with Container Scanning
As Cloud Service Providers (CSPs) start to submit their container vulnerability scans in order to meet Container Scanning Guidance requirements, stakeholders monitoring submissions should expect to see large increases in the number of unique vulnerabilities.
Traditional vulnerability scanning tools use an overarching PluginID or Vulnerability ID that wraps multiple Common Vulnerabilities and Exposures (CVE) under one ID. Container scanning solutions typically track unique vulnerabilities at the Common Vulnerabilities and Exposures (CVE) level, which is much more granular. This means that you could have an increased number of unique vulnerabilities in CSPs monitoring submissions.
What’s the Impact?
Those monitoring these new submissions could possibly see a jump of hundreds of unique vulnerabilities within the container scans.
- If you are an agency: Please reach out to your CSPs early and discuss what they are seeing and what they will be submitting to you prior to the actual scan submission. This will ensure everyone is prepared and understands the new counts.
- If you are a CSP: Please make sure your clients are briefed on this so that your clients understand the reason for the sudden increase in unique findings. This will help avoid an unwelcome surprise because of these new numbers.