We are looking for something to run as part of our AMI/Docker testing and that, as you say, stays fresh on standards (whatever SOC2/ISO, but ideally also FIPS). Any prefs?
I use it for regular scanning, flagging potential issues, automatically making changes, aligning images to CIS Level 2, and for ongoing scanning to satisfy SOC2 auditors.