Harbor

Integrate Harbor with OX to centralize security findings alongside container, pipeline, cloud, and runtime signals already in OX.

OX scans Harbor on a schedule and on demand, enriches findings with OX context (application mapping, workflows, and compliance), and presents a unified queue for investigation and reporting.

After you connect, Harbor scan results appear in the Active Issues page (use the filter Source tool > Harbor).

What OX adds

• Context and correlation: OX maps findings to applications, services, and teams to show impact and ownership.

• Prioritization with severity factors: OX may reprioritize scanner severities when exploitability and environment context reduce risk (for example, Critical → High). Severity factors explain why the priority changed.

• Evidence at a glance: When available, OX displays scanner evidence, file locations, and remediation guidance alongside OX analytics to speed triage.

Connection Methods

For general information about connection methods, see Connection methods.

Connect to OX with a Harbor username and token.

Prerequisites

OX

• OX permission to configure connectors

Harbor

• Admin permissions to the Harbor account you want to connect. The account must be a personal account.

Connect with username and token

Step 1: Create personal access token [Harbor]

This step has several parts. Create Robot Account

1. Verify the prerequisites are in place.

2. Log in to your Harbor account.

3. From the left menu pane, select Robot Accounts.

   
4. Select New Robot Account.

5. In Create System Robot Account, complete the details.

   • Name: Enter a name for the OX account.

   • Expiration time: Enter a value (days) or set to Never (recommended).

     
6. Select Next.

Add permissions

1. In Select System Permissions, select the following permissions:

   • Project: List

   • Registry: List and Read

   
2. Select Next.

3. In Select Project Permissions, check the box to cover all projects or select the project and select PERMISSIONS to add permission for the selected project.

   
4. On the next screen, scroll and select the following permissions:

   • Artifact: List and Read

   • Repository: List, Pull and Read

   • Project: Read

   • Tag: List

     
5. Select Finish.

6. A success message displays and shows the token name and secret. Save the secret securely. You cannot view it again after this step. Best practice: Store credentials in a secrets manager and set a reminder to rotate them according to your policy.

   

Step 2: Connect OX to Harbor [OX]

1. Verify the prerequisites are in place.

2. In OX, go to Connectors > Registry and select Harbor.

   
3. Enter the following parameters.

1. Select CONNECT. OX validates the credentials.

2. In Configure your Harbor credentials, select VERIFY CONNECTIVITY. A green checkmark indicates a successful connection. If verification fails, check your credentials and permissions.

Optional configurations

• To change the images OX scans and monitors, see the section Change the locations OX scans.

• To connect more Harbor accounts to the same organization in the OX platform, repeat the process.

• For information on the OX Broker, see the article OX Broker.

Change the locations OX scans

Once you have a connection, you can change the locations that OX scans and monitors.

1. Use the Gear icon at the bottom of the Configuration screen.

2. OX displays the locations or objects that OX scans and monitors.

3. Change the selection as needed.

4. Select SAVE.