Confidently Implement the DoD DevSecOps Reference Design
Anchore Federal image scanning and analysis allows agencies to implement a compliant workflow for secure container development and delivery.
Anchore Federal is Uniquely Suited for Government Agencies
Our approach to container security and compliance is a perfect fit for federal agencies implementing modern DevSecOps practices.
Preventative approach to container security
Anchore scans packages for vulnerabilities and security issues before they enter your production environment
Deep collaboration with federal agencies
Anchore partners with the DoD on DevSecOps initiatives such as Space Camp and Level UP
Inclusion in DoD reference architecture
Image scanning with Anchore is recommended as part of the DoD DevSecOps Reference Architecture
"Anchore is one of few container security companies that are approved as part of the DoD Enterprise DevSecOps initiative and a key component for ensuring the security and compliance of software containers within the DoD Container Artifact Repository (DCAR). Anchore is particularly used to enforce our security policies and prevent insider threat. We could not find another product similar in the market with such focus."
Nicolas Chaillan | Chief Software Officer, United States Air Force
Anchore Enterprise Federal Solution
Anchore Federal includes 12 months of access to our best-in-breed security and compliance platform, updates to the out-of-the-box DoD security Policy Bundles, and access to Premium Support.
White Paper: Container Security for US Government Information Systems
Containers introduce unique security challenges for enterprises and federal agencies alike. This paper provides simple and manageable DevSecOps best practices for federal organizations who deploy containers at scale.
Anchore Federal Key Capabilities
End-to-end security and compliance for federal agencies built by the experts in container analysis
Deep Container Image Inspection
Complete insight into container image composition: packages, secrets, credentials, misconfiguration, and Dockerfile contents
Policy-First Security and Compliance
Out-of-the-box, fully-customizable policies designed to meet DoD container hardening requirements and standards
Automatic Allowlist And Denylist
Approval and rejection of packages in accordance with defined security and compliance policies
Designed for Federal Deployment
An agentless design keeps your data local, allowing for deployment in environments ranging from IL-2 to IL-6
Seamless Toolchain Integration
Plug-and-play integration with Jenkins, CircleCI, and custom pipelines automates scanning in the software delivery lifecycle stack
Automatic Configuration Validation
Inspection and scanning of your environment's critical payloads before they run in production
Made and Supported in the USA
Anchore is proud to be a United States company. Our product development, engineering and customer support operations are based out of Santa Barbara, CA and Northern Virginia. The Anchore team has extensive experience with DevSecOps deployments for federal agencies in both unclassified and classified environments.
Anchore is Ready to Help You
The team at Anchore is ready to help you deploy containers with confidence. Our expert engineers and consultants are familiar with the standards and best practices required by federal agencies.