Defense Agencies Use Anchore for Deep Image Inspection and Policy-Based Compliance, to Balance Security and Efficiency
RESTON, VA — February 6, 2020 — Anchore®, Inc., experts in container workflow, analysis, and security, today announced Anchore Federal, a solution designed to validate compliance with the stringent software development security requirements of the United States Department of Defense (DoD). Anchore Federal allows agencies to perform deep inspection of software container images as they are created, validating them against a collection of policies designed in collaboration with the Department of Defense. By integrating into existing development pipelines, Anchore Federal prevents the deployment of software that does not meet the necessary security requirements.
The Department of Defense is introducing modern DevSecOps practices throughout all defense agencies and projects in the form of automated software tools, services, and standards. The objective, codified into the DoD DevSecOps Reference Design, is to address security issues as early as possible in the development process. The Anchore team has been working extensively with key Air Force stakeholders to meet these challenges, resulting in the selection of Anchore as one of the few tools mandated as part of the reference design.
“Anchore is honored to work hand-in-hand with federal agencies to provide them with enhanced security and efficiency,” said Saïd Ziouani, CEO at Anchore. “We understand how important it is for our warfighters to have leading-edge software, but it’s equally important for that software to be free of known vulnerabilities and follow security best practices. Our mission is to help organizations of all kinds achieve that balance.”
Anchore engineering teams continue to work alongside resources from the DoD and partner organizations to secure and harden software containers held within the DoD’s Centralized Artifact Repository. Based on this expertise, Anchore also offers Anchore Federal Accelerator, an integrated program that prepares software providers to deliver their products to the DoD in a compliant manner. As requirements continue to evolve within the federal market, Anchore Federal customers will receive updated policy bundles that reflect the changing security and regulatory landscape and maintain ongoing compliance.
Anchore, Inc., based in Santa Barbara, CA and Northern Virginia, was founded in 2016 by Saïd Ziouani and Daniel Nurmi to help organizations implement secure container-based workflows using Anchore Engine and Anchore Enterprise. With Anchore, DevSecOps teams establish policy-based approaches to container compliance without compromising velocity. Customers range from Fortune 100 companies to small- and mid-sized customers, and US Government agencies. Anchore is trusted by modern software development companies across the globe. For more information, visit Anchore.