Users can see found vulnerabilities by repository and image; Smithy reports on GitHub PRs

Users of Smithy SaaS can see found issues grouped by the repo or image they were found in. There is a GitHub reporter component. Smithy runs automatically for private repos and can also monitor private images in registries.

Release v0.107.0

Changes in this release

  1. There is a new menu category under “Scan Results” called “Assets”, where every target scanned by Smithy shows up with an overview of the security actions performed on the target and the findings, prioritised.
  2. Smithy can now report findings as GitHub PR comments, similarly to how a linter would.
  3. An update to the main page shows the top vulnerable assets.
  4. Smithy now understands and can track container images and related image-based vulnerabilities.