AWS ECR Container Scanning Findings Medium

Splunk Security Content

Summary
This detection rule identifies medium-severity vulnerabilities found in container images stored in AWS Elastic Container Registry (ECR). Using AWS CloudTrail logs, specifically the 'DescribeImageScanFindings' event, the rule captures and processes the security findings reported for specific container images. This analysis matters to Security Operations Centers (SOCs) because it points out potential security risks in containerized environments. If left unattended, detected vulnerabilities can lead to severe implications such as unauthorized access, data breaches, or exploitation of the container ecosystem. The detection emphasizes promptly addressing these findings in order to maintain a robust security posture in cloud-native applications.
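The filtering step described above, as an added Python example that is not the rule's own search: it keeps only `DescribeImageScanFindings` events and emits one row per medium-severity finding. The sample records are constructed, and the JSON layout (`requestParameters`, `responseElements.imageScanFindings.findings`) and the function name `medium_findings` are assumptions made for illustration.

```python
import json

# Constructed CloudTrail-style records (not real data). The field layout is an
# assumption for this example; finding names and the digest are placeholders.
SAMPLE_EVENTS = [
    json.dumps({
        "eventSource": "ecr.amazonaws.com",
        "eventName": "DescribeImageScanFindings",
        "userIdentity": {"principalId": "EXAMPLEPRINCIPAL:ci-runner"},
        "requestParameters": {
            "repositoryName": "example/web",
            "imageId": {"imageDigest": "sha256:<constructed-digest>"},
        },
        "responseElements": {"imageScanFindings": {"findings": [
            {"name": "CVE-EXAMPLE-0001", "severity": "MEDIUM"},
            {"name": "CVE-EXAMPLE-0002", "severity": "HIGH"},
            {"name": "CVE-EXAMPLE-0003", "severity": "MEDIUM"},
        ]}},
    }),
    # Same API call, but no response body was recorded.
    json.dumps({
        "eventSource": "ecr.amazonaws.com",
        "eventName": "DescribeImageScanFindings",
        "requestParameters": {"repositoryName": "example/api"},
        "responseElements": None,
    }),
    # Unrelated ECR event that must be ignored.
    json.dumps({"eventSource": "ecr.amazonaws.com", "eventName": "PutImage"}),
]

def medium_findings(raw_events, severity="MEDIUM"):
    """Return one row per finding of the given severity, tied to repo and digest."""
    rows = []
    for raw in raw_events:
        ev = json.loads(raw)
        if (ev.get("eventSource"), ev.get("eventName")) != (
                "ecr.amazonaws.com", "DescribeImageScanFindings"):
            continue
        req = ev.get("requestParameters") or {}
        scan = (ev.get("responseElements") or {}).get("imageScanFindings") or {}
        for f in scan.get("findings") or []:
            if f.get("severity") == severity:
                rows.append({
                    "repository": req.get("repositoryName"),
                    "image_digest": (req.get("imageId") or {}).get("imageDigest"),
                    "finding": f.get("name"),
                    "principal": (ev.get("userIdentity") or {}).get("principalId"),
                })
    return rows
```

Grouping the returned rows by `repository` and `image_digest` gives the per-image view an analyst would triage from.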
Categories
  • Cloud
  • AWS
  • Containers
Data Sources
  • Cloud Storage
  • Application Log
ATT&CK Techniques
  • T1204.003
  • T1204
Created: 2024-11-14