Just to let you know that , Aws inspector won’t detect the vulnerabilities from the complied packages , it only detect vulnerabilities if the app is installed using package manger and not sure the behaviour in ecr . It’s basically the limitation of ssm agent and discovery which only fetch packages which are installed using package manager . Compiled packages example : apache src binaries. I don’t think so it is documented anywhere. Again same limitation exists for qualys as well
Just to let you know that , Aws inspector won’t detect the vulnerabilities from the complied packages , it only detect vulnerabilities if the app is installed using package manger and not sure the behaviour in ecr . It’s basically the limitation of ssm agent and discovery which only fetch packages which are installed using package manager . Compiled packages example : apache src binaries. I don’t think so it is documented anywhere. Again same limitation exists for qualys as well
Good one