Respond to violations

Learn how to view policy violations, drill down to the actual cause, and take corrective actions.

1 minute read

The StackRox Kubernetes Security Platform’s built-in policies identify a variety of security findings, including vulnerabilities (CVEs), violations of DevOps best practices, high-risk build and deployment practices, and suspicious runtime behaviors. Whether you use the default out-of-box security policies or use your own custom policies, the StackRox Kubernetes Security Platform reports a violation when an enabled policy fails.

You can analyze all violations in the Violations view and take corrective action.

To see discovered violations:

  1. Select Violations from the left-hand navigation menu.

Violations view
Violations view

Violations view shows list of violations with following attributes for each row:

  • Deployment: the name of the deployment.
  • Cluster: the name of the cluster.
  • Namespace: the namespace for the deployment.
  • Policy: the name of the violated policy.
  • Enforced: indicates if the policy was enforced when the violation occurred.
  • Severity: indicates the severity as Low, Medium, High, or Critical.
  • Categories: the policy categories.
  • Lifecycle: the lifecycle stages to which the policy is applicable, Build, Deploy, or Runtime.
  • Time - the date and time when the violation occurred.

Similar to other views,

  • you can select a column heading to sort the violations in ascending or descending order.
  • use the filter bar to filter violations. See the Use local page filtering topic for more information.

To view more details about the violation, select a violation in the Violations view. See the View violation details section for more information.

Questions?

We're happy to help! Reach out to us to discuss questions, issues, or feature requests.

© 2021 StackRox Inc. All rights reserved.