Blog - base2Services

Proactive Container Image Scanner for AWS – Detect Vulnerabilities Fast

Written by Michael Shelton | May 21, 2025 8:00:00 PM

base2Services is committed to simplifying secure cloud management for our clients. Therefore, we always enable the Amazon Elastic Container Registry (ECR) Image Scanning feature for all container workloads. However, this feature only scans images when they are created, leaving existing containerised applications vulnerable. To address this limitation, we developed the base2Services Container Image Scanner.

What is the base2Services Container Image Scanner? 

The base2 Container Image Scanner leverages the Amazon ECR Image Scanner but we enhanced its functionality to also scan active Amazon Elastic Container Service (ECS) clusters for vulnerabilities in container images. This ensures that new vulnerabilities are proactively detected in existing container images. 

Our Container Scanning tool gets deployed as a feature of Bearse, our innovative tool for automating cloud infrastructure deployment and management across all AWS environments.

Discover the full capabilities of Bearse here

How does the base2Services Container Image Scanner work?

The base2 Container Image Scanner automates container security by implementing two AWS Lambda functions:

  1. Scanner Function: Triggers daily scanning of actively running container images deployed in ECS clusters, pinpointing vulnerabilities with precision before they develop into major risks. 

  2. Notifier Function: When a vulnerability is detected, this function initiates the process of compiling relevant data pertaining to the nature of the vulnerability and its deployment locations. Thereafter, it sends a detailed notification to Slack.  

Key Benefits: 

  • Prevention of major threats: Immediately detecting and addressing vulnerabilities at an early stage
  • Saving time with automation: Daily scans and slack alerts reduce manual labour and enhance team efficiency 
  • Standardise Cloud Security:  Ensuring consistent security across your AWS containerised environments 

Why does the base2Services Container Image Scanner matter?

The base2 Container Image Scanner works seamlessly within Bearse, giving your team peace of mind and the freedom to innovate without being concerned about cloud vulnerabilities. 

Results you can expect: 
  • Reduced incident volume 
  • Faster deployment cycles
  • Higher uptime and performance 

The base2Services Container Image Scanner shields your team from potential risks without adding complexity. Seamlessly integrated into Bearse, it keeps your AWS containerized environments secure, efficient, and resilient. Automated scans, real-time Slack alerts, and zero manual overhead free your developers to focus on innovation while we take care of security.

Secure your AWScontainers in minutes - book a quick consult with our cloud-security experts today.
View full post