Anchore Engine

An open source tool for deep image inspection and vulnerability scanning

Use Anchore Across Multiple Platforms

Docker whale logo grayscale
Amazon Web Services AWS logo grayscale
Google Cloud Provider GCP logo grayscale
Microsoft Azure logo grayscale
Office buildings icon
Slack logo color transparent background

Have Questions?

Join our community slack channel to interact with other users and members of the Anchore team!

New call-to-action

What Anchore Open Source Does

Anchore Engine allows developers to perform detailed analysis on container images, generating a software bill of materials. Through seamless integration with CI/CD systems, Anchore Engine can prevent publication of images containing known vulnerabilities.

Anchore container security certification process

Features

Anchore Engine is fully-featured and flexible, and can work within a wide variety of environments and development pipelines.

IMAGE ANALYSIS

Perform deep inspection of container images, cataloging all operating system packages, files and software artifacts such as Ruby GEMs, JARs, and Node modules.

POLICY MANAGEMENT

Define and apply policies based on security best practices and use them to prevent dangerous builds from completing and problematic images from being deployed.

CONTINUOUS MONITORING

Policies are continuously evaluated to catch issues created when images are updated, CVEs are added or removed, or new best practices are established.

CI/CD INTEGRATION

Integrate Anchore Engine into CI/CD pipelines to ensure that builds are only successful when images meet custom security and compliance requirements.

HIGHLY CUSTOMIZABLE

Define checks for vulnerabilities, package whitelists, blacklists, configuration files, secrets in image, manifest changes, exposed ports and more.

ORCHESTRATION

Use Anchore Engine analysis and policy checks to ensure that only certified and secure images are deployed in Kubernetes or other Orchestration Platforms.

Install Anchore Engine

With a working deployment of Docker and a few simple commands, you can get up and running in less than 5 minutes.

What You Can Do with Anchore

Explore some of the most popular Anchore commands

anchore-cli image add library/debian:latest

anchore-cli image vuln myrepo/app:latest os

anchore-cli image content myrepo/app:latest files

anchore-cli evaluate check myrepo/app:latest

Integrations

Integrate Anchore with your favorite CI/CD Systems, Orchestration Platforms, and more.

Kubernetes logo color

Kubernetes

By integrating Anchore and Kubernetes you can ensure that only trusted and secure images are deployed and run in your Kubernetes environment

Jenkins logo color

Jenkins

Anchore has been designed to plug seamlessly into CI/CD pipelines to add deep image inspection, compliance and governance to your workflow.

Get Started with Anchore Today

Read the Quick Start guide to get up and running fast, or consult the documentation to see how Anchore can work for you

Join the Anchore Community

Ask questions, engage with Anchore users, contribute code, and let us know what you think

Github

Click here to get the source code and contribute to the project

Slack

Click here to join our slack channel and chat with community members

Twitter

Follow us on Twitter to stay up to date with new Anchore developments