Posted On: Mar 27, 2024
Today, Amazon Elastic Container Registry (ECR) announced a new, improved version of its basic scanning feature in preview. The new version of ECR basic scanning uses Amazon’s native scanning technology, which is designed to provide customers with improved scanning results and vulnerability detection across a broad set of popular operating systems. This allows customers to further strengthen the security of their container images.
ECR basic scanning enables customers to identify software vulnerabilities in their ECR container images. Customers can either scan their container images manually or via configurations that specify which repositories should be scanned when an image is pushed. Today’s launch enables customers to detect container image vulnerabilities across popular operating systems and receive improved scan findings.
The new version of ECR basic scanning is available in preview at no additional cost. Customers can try out the preview via the AWS console. To learn more about ECR basic scanning, this change, and region information, please visit our documentation. ECR also offers Enhanced scanning which is powered by Amazon Inspector and comes with additional security benefits, including scanning for programming language package vulnerabilities. A complete list of differences between the new version of ECR basic scanning and Enhanced scanning can be found here.