Securing Kubernetes With Anchore

Allow or prevent deployment of images based on flexible Anchore policies

How Anchore Works With Kubernetes

Anchore can be integrated with your Kubernetes environment using admission controllers, ensuring that only images that meet your organization’s policies can be deployed. Images that do not comply, or that fall out of compliance due to the discovery of new security vulnerabilities, can be blocked from running within your environment. Anchore can be deployed standalone or as a service running within your Kubernetes environment.

Anchore-K8s
K8sanchore2-1

Start By Securing Your Pipeline

Anchore is deployed as part of the CI/CD pipeline to scan container images as they are built, validating them against user defined policies. These policies can include checks on security vulnerabilities, package whitelists, blacklists, configuration file contents, presence of credentials, manifest changes, exposed ports or other user-defined checks. Once a repository is scanned, Anchore monitors it for updates and rescans as necessary.

Use Policies To Govern Deployment

Anchore can be integrated with Kubernetes using an admission controller that ensures that container images are compliant with defined policies before deployment. Anchore uses native Kubernetes APIs and does not require any configuration changes or software installed on the host – no Docker plugins or privileged containers are required.

k8sanchore1-1

How To Get Started

Download Anchore Open Source today or Request a Trial of Anchore Enterprise

Try Anchore Open Source

Get started with Anchore right away by downloading and running Anchore Engine

Try Anchore Enterprise

Request a trial of Anchore Enterprise Container Security and Compliance Platform

Need help?

Read our docs or contact us for assistance