Data Library, Library Refreshes, and Electronic Updates
The following are enhancements to the Code Insight data library, the daily Library Refresh (which generates alerts for new vulnerabilities associated with inventory), or the Electronic Update (which keeps Code Insight systems up to date with the latest data-library information).
(Introduced in 2023 R3 SP1) Code Insight now includes a Library Refresh service, which runs daily to keep a Code Insight instance up to date with new vulnerabilities associated with inventory across projects. This new service notifies users of new vulnerabilities associated with their projects on a daily basis so that they do not have to wait for the next regularly scheduled Electronic Update to be informed of new vulnerability threats. Users can immediately begin vulnerability investigation and remediation work as needed, thus reducing the window of possible exploitation.
About the Library Refresh
Basically, the Library Refresh is like a partial Electronic Update. While an Electronic Update performs an overall update of the Code Insight Data Library, the Library Refresh focuses on only these operations:
| • | Updating library tables with new vulnerability data |
| • | Updating library tables with new mapping information defining which component versions are associated with each new vulnerability |
| • | Generating vulnerability alerts, email notifications, and remediation tasks for project inventory affected by the new vulnerabilities (see User Notifications of New Vulnerabilities). |
Additionally, because the Library Refresh is run daily, it processes only those new vulnerabilities discovered since the previous day.
User Notifications of New Vulnerabilities
Depending on Code Insight and project configuration, a Library Refresh can also notify users in the following ways when new vulnerabilities are discovered:
| • | Generate alerts in the UI for inventory items associated with the newly discovered vulnerabilities. (For more information about alerts, refer to the “Managing Security Vulnerability Alerts” section in the Code Insight User Guide.) |
| • | Issue emails to the project owners whose inventory is affected by any of the vulnerabilities. |
| • | Create remediation tasks for those inventory items that are rejected due to associated vulnerabilities that exceed policy thresholds. |
Refresh Schedule
The Library Refresh runs daily at 12 am.
More Information
For complete information about the Library Refresh service, refer to “Managing the Daily Check for New Security Vulnerabilities” in the Code Insight Installation & Configuration Guide.