Kubernetes Image Scanning & Security
Allow or prevent deployment of images based on flexible Anchore policies and see the inventory of insecure images running in your clusters
How Anchore Security Tools Work With Kubernetes
Anchore tools provide additional security for your Kubernetes environment. Anchore uses native Kubernetes APIs and does not require any configuration changes or privileged containers to be installed.
- Prevent deployment of images that don’t meet your organization’s security policies using a Kubernetes admission controller using a Kubernetes admission controller.
- Pinpoint risks in your runtime environment with Anchore’s Kubernetes Asset Inventory tool, that provides visibility into the security profile of active or recently active containers.
Start By Securing Your Pipeline
Embed security checks in the CI/CD pipeline to scan container images as they are built, validating them against flexible policies. Apply out-of-the-box or customized policies that check security vulnerabilities, package allowlists, blocklists, configuration file contents, presence of credentials, manifest changes, exposed ports or other user-defined checks. Anchore continually monitors your repositories for updates and rescans as necessary.
Use Policies To Govern Deployment
Ensure only images that meet your organization’s policies can be deployed. Images that do not comply, or that fall out of compliance due to the discovery of new security vulnerabilities, can be blocked from running in your environment.
How To Get Started
Try our Anchore open source tools today or request a trial of Anchore Enterprise