Enforce Software Container Compliance

Automate compliance checks using out-of-the-box and custom policies

container-compliances-img-1

Anchore Helps you Achieve Compliance

container-compliances-icon-1

Ease Compliance

Quickly achieve container compliance for standards such as NIST, STIG, and FedRAMP with out-of-the-box policy packs.

container-compliances-icon-2

Meet Industry Standards

Easily customize pre-built policies to meet industry specific compliance standards such as HIPAA, PCI and more.

container-compliances-icon-3

Customize Policies

Tailor policies to your specific needs and meet organizational compliance standards with flexible policy rules.

container-compliances-img-2

NIST Container Compliance

Define clear policies for your container environment to help with execution and mapping of National Institute of Standards and Technology Special Publication (NIST SP) 800-190 Sections 4.1 - 4.5.

FedRAMP Container Compliance

Resolve compliance issues for containerized applications and shorten the timeline to achieve a FedRAMP authority to operate (ATO) certification. Use pre-built checks for container-related FedRAMP controls to help meet supplemental requirements in FedRAMP's Vulnerability Scanning Requirements for Containers document.

container-compliances-img-3
container-compliances-img-4

CIS Docker Compliance

Build and apply customizable policies to help users with sections of Center for Internet Security (CIS) Docker Benchmarks 1.13 with an out-of-the-box CIS Policy Pack.

DISA STIG Compliance

Fully automate Software Technical Integration Guide (STIG) checks for containers running in a Kubernetes cluster and security teams a single dashboard to report on DISA STIG compliance issues.

container-compliances-img-5

Recommended Resources

container-compliance-resource-1

Checklist

Meet FedRAMP Vulnerability Scanning Requirements

The recently released FedRAMP Vulnerability Scanning Requirements for Containers details a number of new requirements that applications must meet. These new requirements are specific to containerized applications and are in addition to existing FedRAMP controls.

container-compliance-resource-2

on-demand Webinar

Policy-Based Compliance For Containers: CIS, NIST, and More

Policies are an integral part of ensuring security and compliance, but what does "policy-based compliance" mean in the world of cloud-native software development? How can policies be automated to ensure the security of your container images?

container-compliance-resource-3

Blog

A Policy Based Approach to Container Security & Compliance

What are some of the best practices organizations can adopt to help achieve their own compliance needs? In this post, we will first define compliance and then cover a few steps development teams can take to help to bolster their container security.

anchore-mark-blue-500px

Ready to Get Started?

Add security into your DevOps pipeline with Anchore