Request to share vulnerability tool used for scanning the prometheus images and also share the vulnerability report if any. #12872
rajani-konreddy
started this conversation in
General
Replies: 1 comment
-
Prometheus does not use any scanning of the images, as they generally are not useful instead the source code is scanned by tools like dependabot and dependencies are updated, due to the regular releases, users can easily get a recent version; or use the LTS releases. Prometheus has also had various external audits as mentioned at https://prometheus.io/docs/operating/security/#external-audits |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I am unable to find vulnerabilities report for prometheus. So, does prometheus images are scanned for vulnerabilities.
If yes, please share the required tool details and report if any. Provided information will help me to understand the security risks.
Thanks.
Beta Was this translation helpful? Give feedback.
All reactions