Use APIs to continually poll your cloud accounts for new assets. ▪ Post-build, scan your container registries for vulnerabilities. ▪ Use Amazon inspector to check for vulns and misconfigurations. Use vuln scanner APIs ▪ All modern vuln scanners have an API. ▪ At deploy time, identify the target deployment servers and query their vuln state. ▪ Set your WARN/BREAK states to a level that works for your org.