A Buyers’ Guide to DevSecOps

Echoing Dickens, for many in software security, it is the best of times and it is the worst of times. Every day brings literal front page news about software compromises resulting in massive data leaks. Meanwhile, the use of cloud-native technologies has meant that the variety and complexity of the software being deployed has outstripped …

A Buyers’ Guide to DevSecOps Read More »

Anchore Enterprise 2.2 released with new features and integrations

Announcing Anchore Enterprise 2.2

Just in time for the holidays, Anchore Enterprise 2.2, our latest update, is now generally available to all of our customers. For this release, we focus on third-party integrations to send notifications, and a new system dashboard to help customers view the status of their systems. This new enterprise release is based on open source …

Announcing Anchore Enterprise 2.2 Read More »

Anchore container scan for GitHub Actions is now available

Anchore for GitHub Actions

Today at Github Universe, we are announcing the availability of the Anchore Container Scan action for GitHub. Actions allow developers to automate CI/CD workflows, easily integrating tools like Anchore into their build processes. This new action was designed for teams looking to introduce security into their development processes. You can find the action in the …

Anchore for GitHub Actions Read More »

Delivery Hero uses Anchore container security of DevSecOps and image analysis

The Delivery Hero Story, Inviting Security to the Party

Last week, the team at Delivery Hero posted the first in a series of articles about bolstering container security and compliance in their DevOps container orchestration model using Anchore Engine. We think they did a fantastic job explaining their goals and sharing the progress they have made. Their article is a great read for those …

The Delivery Hero Story, Inviting Security to the Party Read More »

Benefits of Static Image Inspection and Policy Enforcement

In this post, I will dive deeper into the key benefits of a comprehensive container image inspection and policy as code framework A couple of key terms: Comprehensive Container Image Inspection: Complete analysis of a container image to identify it’s entire contents: OS & non-OS packages, libraries, licenses, binaries, credentials, secrets, and metadata. Importantly: storing …

Benefits of Static Image Inspection and Policy Enforcement Read More »

Success With Anchore, Best Practices from our Customers

Successful container and CI/CD security encompass not only vulnerability analysis but also a mindset based on integrating security with every step of the Software Development Life Cycle (SDLC). At Anchore, we believe incorporating early and frequent scanning with policy enforcement can help reduce overall security risk. This blog shares some of the elements that have …

Success With Anchore, Best Practices from our Customers Read More »

Anchore Talk Webinar, Redefining the Software Supply Chain

We are pleased to announce Anchore Talks, a series of short webinars to help improve Kubernetes and Docker security best practices. We believe it is important to have excellent security measures in place when adopting containers, and that drives every decision we make when developing Anchore Enterprise and Anchore Engine. These talks, no longer than …

Anchore Talk Webinar, Redefining the Software Supply Chain Read More »

Anchore and Google Distroless

The most recent open source release of Anchore Engine (0.5.1), which is also available as part of Anchore Enterprise 2.1, added support for Google Distroless containers. But what are they and why is the addition notable? When containers were first starting to be adopted, it was natural for many users to think of them as …

Anchore and Google Distroless Read More »

Anchore Engine 0.5.1 Release

We are pleased to announce the immediate availability of Anchore Engine 0.5.1, the latest point update to our open source software from Anchore that helps users enforce container security, compliance, and best practice requirements. This update not only adds bug fixes and performance improvements but also adds a new policy gate check and support for …

Anchore Engine 0.5.1 Release Read More »