Host Scans
View host scans in Oracle Cloud Infrastructure Vulnerability Scanning Service to identify security vulnerabilities in your compute instances like open ports, critical OS patches, and failed benchmark tests.
At least one Compute target must exist before any host scans are created. See Compute Targets.
The Vulnerability Scanning service creates a separate report for each Compute instance that you added to the target configurations. The report has the same name as the instance.
The Vulnerability Scanning service saves the results for a Compute instance in the same compartment as the instance's Vulnerability Scanning target.
Consider the following example.
- The Compute instance
MyInstance
is inCompartmentA
. MyInstance
is specified inTarget1
.Target1
is inCompartmentB
.- All reports related to
MyInstance
are inCompartmentB
.
The Vulnerability Scanning service categorizes problems by these risk levels.
- Critical- the most serious problems detected, which should be your highest priority to resolve.
- High- the next most serious problems.
- Medium- problems that are less serious.
- Low- problems that are still less serious.
- Minor- the least serious problems detected; they still need be resolved eventually, but can be your lowest priority.
This section contains the following topics:
- Required IAM Policy for Host Scans
- Listing Host Scans
- Getting a Host Scan's Details
- Listing Metrics for a Host Scan
- Listing Open Ports in a Host Scan
- Listing Vulnerabilities in a Host Scan
- Listing CIS Benchmarks in a Host Scan
- Getting a CIS Benchmark's Details
- Moving a CIS Benchmark Scan Between Compartments
- Deleting a CIS Benchmark Scan
- Moving a Host Scan Between Compartments
- Exporting a Host Scan
- Deleting a Host Scan