Anchore Federal

A Policy-First container security tool for air-gapped environments that meets security requirements ranging from DoD IL-2 to DoD IL-6

Anchore works with federal agencies to implement modern DevSecOps practices

Anchore Federal is Uniquely Suited for Government Agencies

Our approach to container security and compliance is a perfect fit for federal agencies implementing modern DevSecOps practices.

Preventative approach to container security

Anchore scans images for vulnerabilities and security issues before they enter your production environment

Deep collaboration with federal agencies

Anchore partners with the DoD on DevSecOps initiatives such as Space Camp and Level UP

Inclusion in DoD reference architecture

Image scanning with Anchore is recommended as part of the DoD DevSecOps Reference Architecture

Confidently Implement the DoD DevSecOps Reference Design

Anchore Federal image scanning and analysis allows agencies to implement a compliant workflow for secure container development and delivery.

Read the Reference Design

"Anchore is one of few container security companies that are approved as part of the DoD Enterprise DevSecOps initiative and a key component for ensuring the security and compliance of software containers within the DoD Container Artifact Repository (DCAR). Anchore is particularly used to enforce our security policies and prevent insider threat. We could not find another product similar in the market with such focus."

Nicolas Chaillan

Chief Software Officer, United States Air Force

Anchore Enterprise Federal Solution

Anchore Federal includes 12 months of access to our best-in-breed security and compliance platform, updates to the out-of-the-box DoD security Policy Bundles, and access to Premium Support.

White Paper: Container Security for US Government Information Systems

Containers introduce unique security challenges for enterprises and federal agencies alike. This paper provides simple and manageable DevSecOps best practices for federal organizations who deploy containers at scale.

Anchore's white paper for container security for U.S. government information systems

Anchore Federal Key Capabilities

End-to-end security and compliance for federal agencies built by the experts in container analysis

Deep Container Image Inspection

Complete insight into container image composition: packages, secrets, credentials, misconfiguration, and Dockerfile contents

Policy-First Security and Compliance

Out-of-the-box, fully-customizable policies designed to meet STIG and NIST standards and comply with DoD container hardening requirements

Automatic Whitelisting and blacklisting

Approval and rejection of packages in accordance with defined security and compliance policies

Designed for Federal Deployment

An agentless design keeps your data local, allowing for deployment in environments ranging from IL-2 to IL-6

Seamless Toolchain Integration

Plug-and-play integration with Jenkins, CircleCI, and custom pipelines automates scanning in CI/CD pipelines

Automatic Configuration Management

Inspection and scanning of your environment's critical payloads before they run in production

Made and Supported in the USA

Anchore is proud to be a United States company. Our product development, engineering and customer support operations are based out of Santa Barbara, CA and Northern Virginia. The Anchore team has extensive experience with DevSecOps deployments for federal agencies in both unclassified and classified environments.

Anchore Federal is used by DevSecOps teams for container security workflows

Anchore is Ready to Help You

The team at Anchore is ready to help you deploy containers with confidence. Our expert engineers and consultants are familiar with the standards and best practices required by federal agencies.