Ability to filter vulnerability results by CVSS score and fixability

[ekelson-bcove]

for Usage: lacework vulnerability scan run <registry> <repository> <tag|digest> [flags]

It would be great to add two more flags:

• The ability to filter by CVSS score (e.g. --cvss 7 returns 7+)
• The ability to only return fixable vulns (e.g. --fixable)

Lastly as a possible stretch, it would be great to return a list of packages only that should be upgraded that can be via code

[afiune]

@ekelson-bcove Thank you so much for your feedback! 💯

We are about to start working on this feature, the two flags you mentioned resonate
very well with us, though we are curious if you could elaborate a little more about the
"possible stretch" feature:

it would be great to return a list of packages only that should be upgraded that can be via code

-- 🤔 Is this extra feature related to listing the packages that could be upgraded since they have a fixed version available?

[afiune]

@ekelson-bcove Hi there! We are still working on some of your feedback.

We recently released a new feature #149 that adds a --packages flag to vulnerability commands, maybe this is something that you can use internally that can help with the stretch feature you mentioned in this issue. As usual, we welcome any feedback! Thank you and we will keep you posted with more updates.

[ekelson-bcove]

Thanks and sorry I never replied. I wrote a response but it never got sent. I’ll try it out tomorrow!

On Tue, Jul 7, 2020 at 6:51 PM Salim Afiune ***@***.***> wrote: @ekelson-bcove <https://github.com/ekelson-bcove> Hi there! We are still working on some of your feedback. We recently released a new feature #149 <#149> that adds a --packages flag to vulnerability commands, maybe this is something that you can use internally that can help with the stretch feature you mentioned in this issue. As usual, we welcome any feedback! Thank you and we will keep you posted with more updates. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#126 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AE6E622YNM2447RGG4TOYQTR2ORI5ANCNFSM4NQ2ZYLA> .

-- Eric Kelson Information Security Brightcove