Threshold Configuration

Directory Inventory

See the Thresholds Directory Inventory for a complete listing of files and resources in this directory.

This section provides detailed information on using SAF-CLI thresholds for quality gates in security scanning.

What are Thresholds?

In the context of security scanning, thresholds define the minimum acceptable compliance level for your containerized applications. They allow you to:

  • Set a minimum passing (compliance) score
  • Define the maximum number of failed controls allowed at each severity level
  • Limit how many controls may be skipped or end in an error
  • Implement quality gates in CI/CD pipelines, failing the run when a limit is exceeded

Threshold Guides

Common Use Cases

Use Case                Guide     Description
Simple Compliance       Basic     Set a minimum overall compliance score
Production Enforcement  Examples  Strict thresholds for production environments
Development Flow        Examples  Lenient thresholds for development
Pipeline Quality Gates  CI/CD     Implementing thresholds in automated pipelines

Getting Started

A simple threshold configuration looks like this:

# threshold.yml
compliance:
  min: 80
failed:
  critical:
    max: 0
  high:
    max: 2

This configuration requires:

  • At least 80% overall compliance
  • No failed controls of critical severity
  • No more than 2 failed controls of high severity

Any limit that is exceeded causes the threshold check to fail, which is what lets a pipeline stage block on the result.
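To make the semantics of these keys concrete, here is an added example (not code from the SAF project) that re-implements the checks a threshold file like the one above expresses, run over a constructed set of control results. The threshold is written as a Python dict mirroring `threshold.yml`; the severity buckets (by control impact) and the compliance formula (passed controls over all non-N/A controls) are assumptions about SAF's behaviour, and the sample control results are constructed for illustration.

```python
"""Evaluate a SAF-style threshold against a set of control results.

Added example, not part of the saf CLI source. The threshold below mirrors
the threshold.yml shown on this page, with an extra skipped/error limit to
show the other keys the page mentions.
"""
from collections import defaultdict

# Mirror of threshold.yml as a dict (compliance.min, failed.<sev>.max, ...).
THRESHOLD = {
    "compliance": {"min": 80},
    "failed": {"critical": {"max": 0}, "high": {"max": 2}},
    "skipped": {"total": {"max": 1}},
    "error": {"total": {"max": 0}},
}

# Constructed sample results: (control id, impact, status).
# Impact 0 marks a not-applicable control (assumption: excluded from scoring).
PASSING_SAMPLE = [
    ("V-1", 0.9, "passed"), ("V-2", 0.9, "passed"), ("V-3", 0.9, "passed"),
    ("V-4", 0.7, "passed"), ("V-5", 0.7, "passed"), ("V-6", 0.7, "failed"),
    ("V-7", 0.5, "passed"), ("V-8", 0.5, "passed"), ("V-9", 0.5, "passed"),
    ("V-10", 0.3, "passed"),
]
FAILING_SAMPLE = [
    ("V-1", 0.9, "passed"), ("V-2", 0.9, "passed"), ("V-3", 0.9, "failed"),
    ("V-4", 0.7, "failed"), ("V-5", 0.7, "failed"), ("V-6", 0.7, "passed"),
    ("V-7", 0.5, "passed"), ("V-8", 0.5, "passed"),
    ("V-9", 0.3, "skipped"),
    ("V-10", 0.0, "passed"),  # not applicable, excluded from the score
]

STATUSES = ("passed", "failed", "skipped", "error")


def severity(impact: float) -> str:
    """Map a control impact to a severity bucket (assumed HDF bucketing)."""
    if impact >= 0.9:
        return "critical"
    if impact >= 0.7:
        return "high"
    if impact >= 0.4:
        return "medium"
    if impact > 0:
        return "low"
    return "none"


def summarize(results):
    """Count controls per status and severity, plus a per-status total."""
    counts = defaultdict(lambda: defaultdict(int))
    for _cid, impact, status in results:
        sev = severity(impact)
        if sev == "none":
            continue  # not-applicable controls do not count toward any limit
        counts[status][sev] += 1
        counts[status]["total"] += 1
    return counts


def compliance_score(counts) -> float:
    """Percentage of considered controls that passed (assumed SAF formula)."""
    considered = sum(counts[s]["total"] for s in STATUSES)
    if considered == 0:
        return 0.0
    return round(100 * counts["passed"]["total"] / considered, 2)


def evaluate(threshold, results):
    """Return a list of violated limits; an empty list means the gate passes."""
    counts = summarize(results)
    violations = []

    score = compliance_score(counts)
    min_score = threshold.get("compliance", {}).get("min")
    if min_score is not None and score < min_score:
        violations.append(f"compliance {score}% is below min {min_score}")

    # Every status block has the same shape: <bucket>: {max: N} and/or {min: N}.
    for status in STATUSES:
        for bucket, limit in threshold.get(status, {}).items():
            actual = counts[status][bucket]
            if "max" in limit and actual > limit["max"]:
                violations.append(f"{status}.{bucket} {actual} exceeds max {limit['max']}")
            if "min" in limit and actual < limit["min"]:
                violations.append(f"{status}.{bucket} {actual} is below min {limit['min']}")
    return violations


if __name__ == "__main__":
    for name, sample in (("passing", PASSING_SAMPLE), ("failing", FAILING_SAMPLE)):
        problems = evaluate(THRESHOLD, sample)
        print(f"{name}: compliance={compliance_score(summarize(sample))}%",
              "OK" if not problems else "; ".join(problems))
```

The failing sample sits exactly at the `failed.high` limit (2 failures, which is allowed) but trips both `compliance.min` and `failed.critical.max`, which is the behaviour a pipeline gate relies on: one critical failure is enough to stop the run even when the high-severity count is within bounds.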