Enable Threat Management on AWS ECR

This topic explains how to authorize and enable Prevasio Threat Management with AWS ECR to scan and secure your continuous delivery (CD) cycle and prevent threats from reaching your container-based workloads.

This breaks the cycle of continuously delivering images that have critical vulnerabilities, are compromised, or exhibit risky behavior. High-risk repositories are isolated in a non-intrusive way, which removes concerns about causing your company's cloud business logic to fail. If malicious content or vulnerabilities are found in your scanned images, Prevasio protects your workloads by preventing their use.

Prevasio sends email alerts about any violation of the built-in rules. The alerts include information about detected risks such as malware, CVEs known to be exploited, and ransomware patterns such as exploited domains and ports.

Note: Threat management rule sets that form the basis of Prevasio's scanning mechanism are defined in Threat Management.

Configure and Enable AWS ECR Continuous Deployment (CD)

Configure and Enable Prevasio's Container Workload Security with AWS ECR Continuous Deployment (CD).

Do the following:

  1. Ensure your AWS accounts have all additional permissions requested by the 'PrevasioCSPMRole'. See Additional Permissions.
  2. From the Main menu, select Integrations > Cloud CD Security. Select the AWS tab.

  3. Set or edit details:

    Item: Description
    AWS ECR CD Mitigation: Select to enable this feature. When enabled, if the built-in blocking rules are triggered by a security violation, the risky repository will be locked to prevent any AWS container-capable service from pulling or deploying container images from it.
    Minimum locking level: Set the minimum level of risk severity detected that will trigger the built-in rules to lock the risky repository. Available risk levels are: Medium, High, and Critical.
    Notification email addresses: Notification emails will be sent to the specified email addresses when a repository is locked.

  4. Click Save in the email pop-up dialog to save the addresses that were added or removed.

 

Next steps: