Enterprise-Ready Container Security and Compliance
Anchore Enterprise integrates seamlessly into your software supply chain to enforce defined policies that allow you to deliver quickly and with confidence.
Comprehensive Image Inspection
Perform deep analysis on container images including searchable lists of all packages, files and software artifacts such as Ruby GEMs and Node.JS modules.
Policy Based Compliance
Encode best practices into compliance as code by defining policies that best fit your team's environments. User policies to discover secrets and personal identifiable information (PII) data or enforce allow and deny lists to better control parent image exposure.
CI/CD & REGISTRY INTEGRATIONS
Ready to go integrations with popular CI tools, and easy to use CLI tools make integrating anchore into your CI/CD pipelines easy as bash or configure Anchore Enterprise to scan any image published to your registry.
End-to-End security and compliance for the enterprise built on the open source Anchore
Users can view and browse repositories, create and define custom policies, and define custom reports using a clean and powerful graphical user interface
Role Based Access Control
A role-based-access-control system allows administrators to define roles grant access to Anchore scanning and policy operations
Authentication against SAML or LDAP means administrators don’t have to manage identities and passwords, enabling easy onboarding of users
Air-Gapped Feed Service
An on-premises feed service maintains up-to-date vulnerability data without requiring a direct connection to the internet and the Anchore Feed Service.
Define detailed policies with ease using a graphical policy builder, then apply them to enforce organizational security requirements
Visualize overall compliance status at a glance and drill down for actionable results that improve your overall container security posture
Review detailed logs of key system and user activities and ensure that a level of compliance has been maintained consistently over time
Enhanced Vulnerability Feeds
Access to high-quality, proprietary vulnerability feed data provides more accurate and timely information on new vulnerabilities
Receive notifications when policy status changes through web hooks, email, or integrations with Slack, Jira, GitHub Issues, and Microsoft Teams
A comprehensive REST API, defined in OpenAPI / Swagger format, can be accessed over HTTPS for all management and reporting features
Anchore plugs seamlessly into CI/CD pipelines to ensure that security and compliance are maintained throughout the development workflow
A Kubernetes admission controller prevents images that do not conform to defined policies from being deployed inside a running cluster
Anchore Enterprise supports any Docker V2 compatible registry including ECR, GCR, ACR, Quay, DockerHub, Artifactory, SuSE Portus and CNCF Harbor
Detailed and thorough vulnerability scanning of operating system packages, software libraries, non-packaged files and more
Analyze any Linux based image to produce a bill of materials including files, OS packages, Gems, npm modules, Python Eggs, and Java archives