Posted On: Nov 30, 2023

Amazon Inspector now integrates with leading developer tools like Jenkins and TeamCity for container image assessments. This integration allows developers to assess their container images for software vulnerabilities within their Continuous Integration and Continuous Delivery (CI/CD) tools, pushing security earlier in the software development lifecycle. Assessment findings are conveniently available within the CI/CD tool’s dashboard, allowing developers to take automated actions in response to critical security issues, such as blocking builds or image pushes to container registries. You can use this feature by simply installing the Amazon Inspector plugin from your CI/CD tool marketplace and adding a step for Amazon Inspector scan in your build pipeline without needing to activate the Amazon Inspector service, provided you have an active AWS account. This feature works with CI/CD tools hosted anywhere, in AWS, on-premises, or hybrid clouds, providing consistency for developers to use a single solution across all their development pipelines.

Once activated, Amazon Inspector automatically discovers all of your Amazon Elastic Compute Cloud (EC2) instances, container images in Amazon Elastic Container Registry (ECR) and CI/CD tools, and AWS Lambda functions, at scale, and continuously monitors them for known vulnerabilities, giving you a consolidated view of vulnerabilities across your compute environments. 

Amazon Inspector integration with developer tools for container image scanning is available in all commercial and AWS GovCloud (US) Regions where Amazon Inspector is available

To learn more and get started with continual vulnerability scanning of your workloads, visit: