In Kaspersky Container Security, scopes are specified for all security policies. To ensure that all necessary resources are scanned, each policy can be assigned one or more scopes. Moreover, the same scope can be specified in multiple policies.
Regardless of the number of policies implemented in a scope (for example, when scanning an image or scanning a cluster in a runtime), all security policies are applied.
When multiple security policies and multiple scopes are applied simultaneously, the following rules apply:
If a scope includes an object subject to a runtime policy in Audit mode and a runtime policy in Enforce mode, all actions specified in the runtime policies are applied in Enforce mode.