Speed up filtering and reporting by working with enriched JSON data dumps
Scanning package manifests is resource-intensive as it involves enriching package metadata by querying the Insights API. However, filtering and reporting may be done multiple times on the same manifest. To speed up this process, you can dump enriched data as JSON and load it for subsequent filtering and reporting operations.
Implement security guardrails in CI/CD pipelines using the --filter-fail argument, which causes the command to fail if any package matches the given filter.
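The following is an added example, not part of the original page: a CI wrapper that enriches the manifests once, dumps the result as JSON, and then runs several --filter-fail checks against the same dump. It assumes the tool is the `vet` CLI with its `scan --json-dump-dir` and `query --from` options, which this page does not show; the function names, paths and filter expressions are illustrative.

```shell
#!/bin/sh
# Added example: scan once, then apply several guardrail filters to the dump.
# Assumption: the `vet` CLI (scan --json-dump-dir, query --from) is on PATH.

# Enrich the manifests only when no dump exists yet (the expensive step).
scan_once() {
    src_dir=$1; dump_dir=$2
    if [ -d "$dump_dir" ] && [ -n "$(ls -A "$dump_dir" 2>/dev/null)" ]; then
        echo "reusing enriched dump in $dump_dir" >&2
        return 0
    fi
    mkdir -p "$dump_dir" || return 1
    vet scan -D "$src_dir" --json-dump-dir "$dump_dir"
}

# Run every filter against the same dump. With --filter-fail the query exits
# non-zero when any package matches, so each non-zero exit counts as a failed
# guardrail. All filters are evaluated so the CI log lists every violation.
enforce_guardrails() {
    dump_dir=$1; shift
    GUARDRAIL_FAILURES=0
    for filter in "$@"; do
        if ! vet query --from "$dump_dir" --filter "$filter" --filter-fail; then
            echo "guardrail failed: $filter" >&2
            GUARDRAIL_FAILURES=$((GUARDRAIL_FAILURES + 1))
        fi
    done
    [ "$GUARDRAIL_FAILURES" -eq 0 ]
}

# Typical CI usage (dump path and filter expressions are sample values):
#   scan_once . /tmp/vet-dump &&
#   enforce_guardrails /tmp/vet-dump \
#       'vulns.critical.exists(p, true)' \
#       'scorecard.scores.Maintained == 0'
```

In a pipeline, delete the dump directory whenever the manifests change, otherwise the guardrails evaluate stale data.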