OEM Partners

The Anchore OEM partner program allows software vendors, integrators and service providers to extend their offerings with industry leading certification, security and compliance features by embedding Anchore’s best in class container analysis and certification technology.

Embed Security & Compliance with Anchore

We work closely with our OEM solution partners, to seamlessly embed the functionality of Anchore’s container analysis and policy management engine within our partners offerings to create an integrated suite of applications ensuring security and compliance at every level of the software development lifecycle

Value Propositions

  • Powerful container-native open source security and compliance solution
  • Platform of choice by Cloudbees and Sysdig among others
  • Widely adopted by F1000 companies today
  • Utilized by 30+ F100 brands
  • 100,000+ users of Anchore technology and growing
  • Over 1 million images scanned across 5,000+ repositories

Key Features of Anchore OEM

  • Container image vulnerability scanning using public & private sources
  • Compatible with any infrastructure that runs containers
  • Support for all pertinent container registries
  • Stable, expressive restful APIs provide flexible integration options
  • Flexible access control with RBAC
  • Organizational best practice through custom policy enforcement

Some of Our Technology Partners

sysdigicon

Sysdig

“We love Anchore. It’s tools allow us to simplify analysis and security of the software development lifecycle in a container-native architecture.”

cloudbees-infinity-branding-element

Cloudbees

“Continuous delivery requires continuous security & compliance making sure that only the right code gets deployed. With Anchore we can deliver a secure CD pipeline for enterprise deployments”

replicated

Replicated

“Anchore gives us the ability to ensure compliance for security, best practices, & content so our team can focus on delivering reliability and a great user experience”

The Most Comprehensive Container Security Inspection Platform for OEM Partners

Anchore technology allows OEM partners to perform in depth analysis of container images allowing users to generate a detailed manifest and create and apply specific policy gates and checks for their entire container workload on premises and in the cloud

Vulnerability Scanning

Perform a detailed and thorough scan for any known vulnerabilities in your application and operating system packages

Secrets and Passwords

Ensure all secrets are not present in your image including passwords, API keys, and any other sensitive information

Operating System Packages

Anchore performs a thorough scan on your container image to identify any known operating system packages

3rd Party Libraries

Easily identify non-OS third party libraries including Node.js NPM’s, Ruby GEM’s, Python PIP, PERL CPAN, and JAVA Archives

Whitelist

Whitelist elements of your image when performing analysis to ensure that detection does not block the deployment of an image

Blacklist

With Anchore you can easily blacklist elements like source code in the image, usernames, user ID’s, licenses, packages, or images in their entirety

Dockerfile Checks

Analyze and perform a check on the contents of a Dockerfile or the Docker history for any container image

Other Checks

Identify configuration files, file permissions, unpackaged files, and anything else you’d like to uncover

Typical Anchore OEM Architecture

OEM-Diagram-1-2-2-2

Anchore Vulnerability Report

Use Cases

Embed Anchore technology into your offering and instantly deliver container security and compliance at every stage of a container’s lifecycle

coding-icon_15

Security and Compliance Tools

Rapidly extend existing cloud and virtualization solutions by adding in depth reporting on security vulnerabilities in operating system packages and software libraries including Java, Node.JS, Ruby GEMs and Python.

coding-icon_16

Orchestration Platform

Using Anchore Orchestration providers can prevent out-of-compliance containers from being deployed and display real time compliance of running containers allowing you to provide historic reports for auditors showing security and compliance status.

coding-icon_12

CI / CD Systems

CI/CD vendors can add reporting & compliance features to container pipelines to provide a detailed bill of materials for each build and “gate” deployments of containers that do not meet an organizations security or operational best practices.

coding-icon_7

Container Registry

Container Registries can use Anchore to easily embed in-depth security vulnerability reporting and policy based compliance features directly into a container registry for detailed reporting of the contents of container images

Get in Touch About a Partnership

Interested in working with Anchore? Send us a message.