Exciting Announcement: Introducing Container Image Scanning for a More Secure Products and CI/CD Pipelines

We are thrilled to announce the availability of Container Image Scanning within the Start Left® Security platform, enhancing our Software Composition Analysis (SCA) tools. With this release, we're empowering organizations to shift security even further left, ensuring container images are secure before they reach production environments. As more workloads are moved to containers, safeguarding these images has become a critical part of modern AppSec strategies, helping businesses protect their operations and maintain compliance with ease.

Capabilities & Security Outcomes:

With Start Left®’s Container Image Scanning, organizations can:

• Scan images within CI/CD pipelines, consolidating findings across other AppSec tools for complete security coverage.
• Identify vulnerabilities across application, OS, and package-level dependencies, ensuring security at every layer.
• Inventory Open-Source Licenses to mitigate legal risks associated with compliance.
• Generate dynamic Software Bills of Materials (SBOMs), including both OS and application dependencies in SPDX or CycloneDX formats for transparency and audit-readiness.
• Prioritize container-related risks across your Organization and Product Dashboards to maintain proactive threat management.

Business Value:

Start Left® provides more than just vulnerability detection—it aligns your product security with real business outcomes:

• Faster time-to-market: Start Left® reduces the noise and complexity of vulnerability management, allowing teams to focus on what matters and release software faster.
• Lower operational costs: Our platform simplifies vulnerability triage and prioritization, ensuring your teams focus only on the highest risks.
• Enhanced risk mitigation: Consolidated container scanning, SBOM generation, and OS/package dependency checks offer a comprehensive view of risk, enabling your team to stay ahead of threats and maintain compliance.

Unlike traditional runtime protection solutions, Start Left® provides proactive security by identifying issues before deployment, not after. Our proactive approach eliminates costly remediation in production and reduces alert fatigue, ensuring your security efforts are truly scalable and efficient. Runtime protection, similar to RASP or WAF solutions, generates post-deployment alerts and logs, which are reactive by nature. Start Left®, however, takes action earlier—integrating security from development through CI/CD, thus reducing the risk of exploitable vulnerabilities making it to runtime in the first place.

It also empowers DevOps "done right" and re-enforces the value proposition to the business: high-performing teams delivering high-quality software.

Container Registry Support:

In this initial release, we’re supporting Docker Hub and Azure Container Registry (ACR) with upcoming releases including support for GitHub, GitLab, and Amazon ECR. You can easily configure these through the new Data Sources tab, selecting Container Registry in the dropdown menu.

Enhanced Features for More Visibility:

• Asset Discovery: Our discovery scanner now finds any unmanaged container assets for easier visibility and awareness of potential risks.
• New Asset Details with Scan History: Track container asset performance over time with historical scan data. Quickly identify whether vulnerabilities are improving or deteriorating, offering insight into when significant changes occurred.
• CI/CD Pipeline Scanner: Seamlessly integrate container image scanning into your CI/CD processes.

Have questions or feedback? Reach out to us at support@startleftsecurity.com!

Start Left® Security continues to lead the charge in people-centric application security posture management (ASPM)—driving product security, operational efficiency, and faster remediation with a unified approach to vulnerability management.