Enforce Software Container Compliance

Automate compliance checks using out-of-the-box and custom policies


Anchore Helps You Achieve Compliance


Ease Compliance

Quickly achieve container compliance for standards such as NIST, STIG, and FedRAMP with out-of-the-box policy packs.


Meet Industry Standards

Easily customize pre-built policies to meet industry-specific compliance standards such as HIPAA, PCI and more.


Customize Policies

Tailor policies to your specific needs and meet organizational compliance standards with flexible policy rules.


NIST Container Compliance

Define clear policies for your container environment to help with execution and mapping of National Institute of Standards and Technology Special Publication (NIST SP) 800-190 Sections 4.1 - 4.5.

FedRAMP Container Compliance

Resolve compliance issues for containerized applications and shorten the timeline to achieve a FedRAMP authority to operate (ATO) certification. Use pre-built checks for container-related FedRAMP controls to help meet supplemental requirements in FedRAMP's Vulnerability Scanning Requirements for Containers document.


CIS Docker Compliance

Build and apply customizable policies to help users with sections of the Center for Internet Security (CIS) Docker Benchmarks 1.13 with an out-of-the-box CIS Policy Pack.

DISA STIG Compliance

Fully automate Software Technical Integration Guide (STIG) checks for containers running in a Kubernetes cluster and give security teams a single dashboard to report on DISA STIG compliance issues.


Recommended Resources



Meet FedRAMP Vulnerability Scanning Requirements

The recently released FedRAMP Vulnerability Scanning Requirements for Containers details a number of new requirements that applications must meet. These new requirements are specific to containerized applications and are in addition to existing FedRAMP controls.


On-Demand Webinar

Policy-Based Compliance For Containers: CIS, NIST, and More

Policies are an integral part of ensuring security and compliance, but what does "policy-based compliance" mean in the world of cloud-native software development? How can policies be automated to ensure the security of your container images?



A Policy Based Approach to Container Security & Compliance

What are some of the best practices organizations can adopt to help achieve their own compliance needs? In this post, we will first define compliance and then cover a few steps development teams can take to help bolster their container security.

