Container image scanning

Image Scanning is an automated vulnerability assessment feature that helps improve the security of your application’s container images by scanning them for a broad range of operating system vulnerabilities.

Currently, the Amazon Elastic Container Registry (ECR) is only able to scan Linux container image for vulnerabilities. However; there are third-party tools which can be integrated with an existing CI/CD pipeline for Windows container image scanning.

• Anchore
• PaloAlto Prisma Cloud
• Trend Micro - Deep Security Smart Check

To learn more about how to integrate these solutions with Amazon Elastic Container Repository (ECR), check:

• Anchore, scanning images on Amazon Elastic Container Registry (ECR)
• PaloAlto, scanning images on Amazon Elastic Container Registry (ECR)
• TrendMicro, scanning images on Amazon Elastic Container Registry (ECR)