Automatic update code env with known vulnerabilities

krbee · ‎12-14-2023

To stay secure I would like code env to be scanned periodically for modules and libraries with known vulnerabilities. If a vulnerability is detected the environment is resolved with patched modules/libraries.

For projects running on automation a vulnerable environment is flagged and a bundle with updated env is created and owner/admins are allerted

Turribeach · ‎12-15-2023

I totally agree with the need for this feature. I just don't think this is something Dataiku should do. Companies have lots of dependencies on external libraries and packages. These do not only exist in Dataiku but in pretty much every modern application or infrastructure stack. As such it makes sense to centralise the scanning of such external libraries and packages in products that can do it across all your applications or infrastructure stack. Indeed there are many security products that do this already, you should contact your company's SecOps team. In fact the current trend is to move to a DevSecOps model which means to Security as part of the Development process. In such model you don't scan packages periodically since packages first need to be approved and validated for use during the Development process.

Automatic update code env with known vulnerabilities

Labels

platform and infrastructure

Consistent display of chart title when hover on chart tab

I want to use Dataiku in Japanese.

Programmatic Git Support (Shell, Python API or Both)

Method to re-order V12 Visual ML override rules