Overview
Container malicious package detection follows the same conceptual model as SCA, providing the same end-to-end protection and workflows currently available for open-source dependencies.
This enables users to detect, assess, and respond to malicious packages embedded within container layers, ensuring consistent security coverage and visibility across all deployment artifacts.
Key Features
-
Malicious package detection occurs at scan time.
-
Malicious package events will be created in the Mend Platform when applicable.
-
Malicious package events will be denoted by an MSC finding, consumable via UI, API, and notifications (where paplicable).
The Container MSC Banner
-
A Container MSC banner appears at the top of the platform UI whenat least one active malicious container finding exists in the organization.
-
The count
Nin the Container banner reflects the total number of active malicious container findings org-wide, scoped to the current user's accessible applications. -
When both Dependencies and Container MSCs are present, both banners are shown simultaneously, with the Dependencies banner stacked above the Container banner.
-
Clicking “View Affected Applications” / "View Malicious Packages" on the Containers banner navigates to the Applications view pre-filtered to
Scan Engine: Containers+Risk Factors: Malicious. -
The banner reappears on the next session if the underlying findings persist.