Amazon Inspector container image scanning is now available for Amazon CodeCatalyst and GitHub actions

Posted on: Jun 6, 2024

Amazon Inspector now offers native integration with Amazon CodeCatalyst and GitHub actions for container image scanning, allowing customers to assess their container images for software vulnerabilities within their Continuous Integration and Continuous Delivery (CI/CD) tools, pushing security earlier in the software development lifecycle. With this expansion, Inspector now natively integrates with four developer tools including, Jenkins, TeamCity, GitHub actions, and Amazon CodeCatalyst for container image scanning. This feature works with CI/CD tools hosted anywhere in AWS, as well as in on-premise environments and hybrid clouds, providing consistency for developers to use a single solution across all their development pipelines.

Amazon Inspector is a vulnerability management service that continually scans AWS workloads for software vulnerabilities, code vulnerabilities, and unintended network exposure across your entire AWS Organization. Customers can also use Amazon Inspector to scan container images and other archives, such as zip and TAR, for software vulnerabilities directly from local developer laptops and machines. To learn more about scanning container images hosted anywhere, click here.

Amazon Inspector integration with developer tools for container image scanning is available in all commercial and AWS GovCloud (US) Regions where Amazon Inspector is available.

To learn more and get started with continual vulnerability scanning of your workloads, visit: