Anchore: Container Security Product Overview and Analysis

Published

eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Anchore

See our complete list of top container and Kubernetes security vendors

Company Description

Anchore is based in Santa Barbara, CA, and was founded in 2016 by Saïd Ziouani and Dan Nurmi, co-founders of Eucalyptus Systems and Ansible, respectively.

Anchore is an open platform for container security and compliance that helps developers, operations and security teams discover, analyze, and certify container images on premises and in the cloud. Anchore lets operations and developers perform detailed analysis, run queries, produce reports and define policies on container images that can be used in CI/CD pipelines to ensure that only containers that meet an organization’s requirements are deployed into production.

Markets

Developers, operations and security teams working in containerized environments. from enterprises to SMBs.

Products

Anchore Engine: an open source centralized service for performing detailed analysis on container images, running queries, producing reports and defining policies that can be used in CI/CD pipelines. It is available on GitHub and as a Docker container on DockerHub.

Anchore Cloud: the company’s SaaS offering, available at anchore.io

Anchore Enterprise: an enterprise-ready, on-premises container security and compliance platform, available at anchore.com/enterprise

Key Features

All products are built around the following features:

Insight & Analysis: Performs deep analysis on container images including searchable lists of all packages, files and software artifacts such as Ruby GEMs and Node.js modules.

Policy Management: Define policies to certify images, including vulnerabilities, package whitelists, blacklists, configuration files, secrets, manifest changes, exposed ports, or any user-defined checks.

Compliance: Ensures compliance standards and organizational best practices are met by certifying images within the CI/CD pipeline, within container registries, or before images are deployed into production.

Pricing

Anchore Enterprise is priced per repository scanned.

Sean Michael Kerner Avatar

Subscribe to Cybersecurity Insider

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.

This field is required This field is required

Get the free Cybersecurity newsletter

Strengthen your organization’s IT security defenses with the latest news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday

This field is required This field is required