Container image scanning

Image Scanning is an automated vulnerability assessment feature that helps improve the security of your application’s container images by scanning them for a broad range of operating system vulnerabilities.

Currently, the Amazon Elastic Container Registry (ECR) is only able to scan Linux container image for vulnerabilities. However; there are third-party tools which can be integrated with an existing CI/CD pipeline for Windows container image scanning.

Anchore
PaloAlto Prisma Cloud
Trend Micro - Deep Security Smart Check

To learn more about how to integrate these solutions with Amazon Elastic Container Repository (ECR), check:

Anchore, scanning images on Amazon Elastic Container Registry (ECR)
PaloAlto, scanning images on Amazon Elastic Container Registry (ECR)
TrendMicro, scanning images on Amazon Elastic Container Registry (ECR)

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Windows Server Hardening

Windows Versions and Licensing