Today, we’re pleased to announce the immediate availability of Anchore Enterprise 2.1, our latest enterprise solution for container security. Anchore Enterprise provides users with the tools and techniques needed to enforce security, compliance and best-practices requirements with usable, flexible, cross-organization, and—above all—time-saving technology from Anchore. This release is based on the all-new Anchore Engine 0.5.0, which is also available today.
New Features of Anchore Enterprise 2.1
Building upon our 2.0 release in May, Anchore Enterprise 2.1 adds major new features and architectural updates that extend integration/deployment options, security insights, and the evaluation power available to all users.
Major new features and resources launched as part of Anchore Enterprise 2.1 include:
- GUI report enhancements: Leveraging Anchore Enterprise’s reporting service, there is a new set of configurable queries available within the Enterprise GUI Reports control. Users can now generate filtered reports (tabular HTML, JSON, or CSV) that contain image, security, and policy evaluation status for collections of images.
- Single-Sign-On (SSO): Integration support for common SSO providers such as Okta, Keycloak, and other Enterprise IDP systems, in order to simplify, secure, and better control aspects of user management within Anchore Enterprise
- Enhanced authentication methods: SAML / token-based authentication for API and other client integrations
- Enhanced vulnerability data: Inclusion of third party vulnerability data feeds from Risk Based Security (VulnDB) for increased fidelity, accuracy, and live-ness of image vulnerability scanning results, available for all existing and new images analyzed by Anchore Enterprise
- Policy Hub GUI: View, list and import pre-made security, compliance and best-practices policies hosted on the open and publicly available Anchore Policy Hub
- Built on Anchore Engine v0.5.0: Anchore Enterprise is built on top of the OSS Anchore Engine, which has received new features and updates as well (see below for details)
Anchore Engine
Anchore Enterprise 2.1 is built on top of Anchore Engine version 0.5.0, a new version of the fully functional core services that drive all Anchore deployments. Anchore Engine has received a number of new features and other new project updates:
- Vulnerability Data Enhancements: The Anchore Engine API and data model has been updated to include CVE references (for vulnerabilities that can refer to several CVEs) and CVSSv3 scoring information
- Local Image Analysis: New tooling to support isolated container image analysis outside of Anchore Engine, generating an artifact that can be imported into your on-premises Anchore Enterprise deployment
- Policy Enhancements: Many new vulnerability check parameters, enabling the use of CVSSv3 scores, vendor-specific scores, and new time-based specifications for even more expressive policy checks
For a full description of new features, improvements and fixes available in Anchore Engine, view the release notes.
Once again, we would like to sincerely thank all of our open-source users, customers and contributors for spirited discussion, feedback, and code contributions that are part of this latest release of Anchore Engine. If you’re new to Anchore, welcome! We would like nothing more than to have you join our community.
Anchore Enterprise 2.1—Available Now
With Anchore Enterprise 2.1, available immediately, our goal has been to expand the integration, secure deployment, and policy evaluation power for all Anchore users as an evolution of the features available already to existing users.
For users looking for comprehensive solutions to the unique challenges of securing and enforcing best-practices and compliance to existing CI/CD, container monitoring and control frameworks, and other container-native pipelines, we sincerely hope you enjoy our latest release of Anchore software and other resources—we look forward to working with you!