I have multiple AWS accounts(lets say dev and stage) and in those accounts I have an ECR repo. In both accounts I have the same image stored in those repos. The image is literally copied from dev to stage.
The problem I have is that the security scans from the dev account and the stage account are different - very much so and I do not know why.
In dev I have a litany of problems (43 critical, 167 high, 143 medium) and the same image but in the staging account is "cleaner" (0 critical, 4 high, 79 medium).
I do not care for the security issues for the purpose of this question.
I only want to know where those discrepancies in scanning output lies.
Would greatly appreciate some insight :)
Just as @MarkB stated. For some reason, for one of my accounts, I had the old scanning while the rest of my accounts were on the new native one :)