Anchore Blog

GitHub Actions Lowers the Bar for Improving Security

GitHub has been a key vendor in making the developer experience friction free and many of the features they announced this week at their GitHub Universe conference continue to set the standard. What was notable at the event this week was that security has now been added to the fiction-free mantra and, for anyone who …

GitHub Actions Lowers the Bar for Improving Security Read More »

The DeliveryHero Story: Inviting Security to the Party

Last week, the team at DeliveryHero posted the first in a series of articles about bolstering container security and compliance in their DevOps container orchestration model using Anchore Engine. We think they did a fantastic job explaining their goals and sharing the progress they have made. Their article is a great read for those who …

The DeliveryHero Story: Inviting Security to the Party Read More »

Benefits of Static Image Inspection and Policy Enforcement

In this post, I will dive deeper into the key benefits of a comprehensive container image inspection and policy as code framework A couple of key terms: Comprehensive Container Image Inspection: Complete analysis of a container image to identify it’s entire contents: OS & non-OS packages, libraries, licenses, binaries, credentials, secrets, and metadata. Importantly: storing …

Benefits of Static Image Inspection and Policy Enforcement Read More »

Success With Anchore | Best Practices from our Customers

Introduction Successful container and CI/CD security encompasses not only vulnerability analysis but also a mindset based on integrating security with every step of the Software Development Life Cycle (SDLC). At Anchore, we believe incorporating early and frequent scanning with policy enforcement can help reduce overall security risk. This blog shares some of the elements that …

Success With Anchore | Best Practices from our Customers Read More »

Anchore Talk | Redefining the Software Supply Chain

We are pleased to announce Anchore Talks, a series of short webinars to help improve Kubernetes and Docker security best practices. We believe it is important to have excellent security measures in place when adopting containers, and that drives every decision we make when developing Anchore Enterprise and Anchore Engine. These talks, no longer than …

Anchore Talk | Redefining the Software Supply Chain Read More »

Anchore Engine Available in Azure Marketplace

We are pleased to announce the immediate availability of Anchore Engine in the Azure marketplace. Microsoft has grown its cloud native development and DevOps offerings significantly in the past two years. The Azure offerings available today such as Azure Container Instances (ACI), Azure Kubernetes Service (AKS), and Azure Pipelines give enterprises and agencies the tools …

Anchore Engine Available in Azure Marketplace Read More »