Enforcing Software Container Compliance

Using flexible policies, Anchore enforces compliance standards in container environments

Achieve Compliance with Anchore

At Anchore, we take a preventative, policy based compliance approach specific to organizational needs. Our philosophy of scanning and evaluating Docker images against user defined policies as early as possible in the development lifecycle, greatly reduces vulnerable, non-compliant images from making their way into trusted container registries and production environments.

Our customizable policy engine allows organizations to help achieve NIST SP 800-190 compliance, CIS Benchmarks for Docker and Kubernetes, and general best practices for building secure Docker images.

Achieve Compliance With Anchore's Platform andPolicy-Based Approach

NIST Container Compliance

Anchore Helps With National Institute of Standards and Technology Container Compliance

The National Institute of Standards and Technology Special Publication 800-190 was designed to explain the security concerns associated with container technologies. In addition, recommendations are made throughout the publication for addressing the outlined concerns.

By allowing you to define clear policies for your container environment,  Anchore can help with execution and mapping of NIST SP 800-190 Sections 4.1 – 4.5.

CIS Docker Compliance

As Docker usage has greatly increased, it has become increasingly important to gain a better understanding of how to securely configure and deploy Dockerized applications. The Center for Internet Security published 1.13 Docker Benchmark, which provides consensus based guidance by subject matter experts for users and organizations to achieve secure Docker usage and configuration.

By building and applying customizable policies, Anchore can help users with certain sections of CIS Docker Benchmarks 1.13.

Anchore Helps Users With Center for Internet Security Docker Benchmarks

How To Get Started

Try our Anchore open source tools today or request a trial of Anchore Enterprise

Try Anchore Open Source

Get started with Anchore right away by using our open source tools Syft and Grype

Try Anchore Enterprise

Request a trial of Anchore Enterprise container security and compliance platform