Provides a complete container security workflow solution for development and operations teams. Easily integrating with CI/CD systems, artifact registries or Kubernetes, it allows developers to bolster security without compromising velocity and enables security teams to audit and verify compliance in real time. It is based on Anchore Engine, an open-source image inspection and scanning tool.
Comprehensive container image analysis
Anchore Enterprise looks where other image scanners can’t, going beyond packages and libraries to deeply inspect images for ex- posed secrets, unsafe configuration and bad practices which you can
Automation-centric with 100% API coverage
Every part of the Anchore Enterprise architecture can be accessed through an API or CLI, making it possible for you to take advantage of all of its powerful capabilities wherever they are needed in your pipeline.
Rich policy and compliance language
Use Anchore with out of the box policies like Docker CIS and NIST or customize a bespoke policy using hundreds of rules to ensure that only the containers that meet your exact security standards make it into production.
Want more product information? Explore detailed information about using this product and where to find additional help.
Read what others are saying about this product in our review section.
What do you like best?
Very powerful, policy capabilities are a key differentiator which enable it to support real world CI/CD workflows.
What do you dislike?
The CLI requires python to run native, but its docker native so only an issue on my workstation.
Recommendations to others considering the product:
Consider Anchore with complex workflows or more sophisticated requirements. The product has an internal database that supports complex rules for a wide variety of use cases.
What problems are you solving with the product? What benefits have you realized?
It prevents vulnerabilities from shipping and embarrassing the company with key customers.