Creating a scanner policy

Rights to manage scanner policy settings are required to add a scanner policy in Kaspersky Container Security.

To add a scanner policy:

1. In the Policies → Scanning section, click the Add policy button.

   The policy settings window opens.

2. Use the Disabled / Enabled toggle switch to disable the added policy, if necessary. In this case, it will be added but not applied until it is activated.

   By default, the status of a newly added scanner policy is Enabled.

3. Enter a policy name and, if required, policy description.
4. In the Application scope field, select the application scope for the scanner policy from the available options.

   If you plan to implement the policy with the global application scope, one of your user roles must be granted the rights to view global application scopes.

5. In the Vulnerabilities section, configure the following settings:
   • Use the Disabled / Enabled toggle switch to configure scanning using the National Vulnerability Registry (NVD) databases.
   • Use the Disabled / Enabled toggle switch to configure scanning using the Vulnerability Database (VDB).
6. In the Malware section, use the Enabled / Disabled toggle switch to configure scanning for malware in the image as part of the File security risk Protection component.
7. In the Misconfigurations section, use the Disabled / Enabled toggle switch to configure a check for configuration errors.
8. Click Save.