Anchore for Federal & Government Agencies

A Policy First container security tool that can be leveraged in air gapped environments to meet security requirements ranging from DoD Impact Level 2 to DoD Impact level 6

Anchore Enterprise is Uniquely Suited for Federal Agencies

Our approach to container security and compliance is a perfect fit for federal agencies implementing modern DevSecOps practices.

Preventative approach to container security

Anchore scans images for vulnerabilities and security issues before they enter your production environment

Deep collaboration with federal agencies

Anchore partners with the DoD on DevSecOps initiatives such as Space Camp and Level UP

Inclusion in DoD reference architecture

Image scanning with Anchore is recommended as part of the DoD DevSecOps Reference Architecture

Anchore Enterprise Federal Solution

Our Anchore Enterprise Federal Solution includes 12 months of access to our best-in-breed security and compliance platform, updates to the out-of-the-box DoD security Policy Bundles, and access to Premium Support.

White Paper: Container Security for US Government Information Systems

Containers introduce unique security challenges for enterprises and federal agencies alike. This paper provides simple and manageable DevSecOps best practices for federal organizations who deploy containers at scale.

Anchore Federal Key Capabilities

End-to-end security and compliance for federal agencies built by the experts in container analysis

Deep Container Image Inspection

Complete insight into container image composition: packages, secrets, credentials, misconfiguration, and Dockerfile contents

Policy-First Security and Compliance

Out-of-the-box, fully-customizable policies designed to meet STIG and NIST standards and comply with DoD container hardening requirements

Automatic Whitelisting and blacklisting

Approval and rejection of packages in accordance with defined security and compliance policies

Designed for Federal Deployment

An agentless design keeps your data local, allowing for deployment in environments ranging from IL-2 to IL-6

Seamless Toolchain Integration

Plug-and-play integration with Jenkins, CircleCI, and custom pipelines automates scanning in CI/CD pipelines

Automatic Configuration Management

Inspection and scanning of your environment's critical payloads before they run in production

Made and Supported in the USA

Anchore is proud to be a United States company. Our product development, engineering and customer support operations are based out of Santa Barbara, CA and Northern Virginia. The Anchore team has extensive experience with DevSecOps deployments for federal agencies in both unclassified and classified environments.

Anchore is Ready to Help You

The team at Anchore is ready to help you deploy containers with confidence. Our expert engineers and consultants are familiar with the standards and best practices required by federal agencies.