For security and peace of mind, software vulnerability scanning for registered model versions that meet the Verta Model Specification is built into the Verta web UI.

Performing scans and viewing results

The Model packages section of a registered model version page provides a space dedicated to scanning model images.

The Scan button triggers an inspection of the image for known vulnerabilities in its packages, and the results are displayed in a sortable and downloadable table. Verta can be configured to use any image scanning software; this example uses Amazon ECR, as indicated in the upper-left corner:

Vulnerability scanning can also be performed through the Summary section of an endpoint page.

Custom Security Scanning Tools

If you would to integrate a custom security scanning vendor or internal process, a webhook is available. See the webhook section of our documentation for details.