Anchore Open Source Engine

An open source container compliance platform to ensure security and stability of production container deployments

Install Anchore Engine

Use Anchore Across Multiple Platforms

Have Questions?

Join our community slack channel to interact with other users and members of the Anchore team!

Join Anchore Community Slack

What Anchore Open Source Does

The Anchore Engine allows developers to perform detailed analysis on their container images, run queries, produce reports and define policies that can be used in CI/CD pipelines. Developers can extend the tool to add new plugins that add new queries, new image analysis, and new policies.

Features

Highly customizable and dynamic to meet all of your container security and compliance needs

U

image analysis

Perform deep analysis on images including searchable lists of all packages, files and software artifacts such as Ruby GEMs and Node.JS modules.

s

policy management

Define and apply policies to certify images within the CI/CD pipeline, within your container registry before images are deployed.



notifications

Receive notifications when images are updated, CVEs are added or removed & when the policy status of an image changes.



CI/CD Integration

Integrate into your CI/CD pipeline to ensure that only images that meet your security and compliance requirements are deployed.

l

Highly Customizable

Define checks for vulnerabilities, package whitelists, blacklists, configuration files, secrets in image, manifest changes, exposed ports and more.



Orchestration

Use the Anchore Engine to ensure that only the certified and secure images are deployed and run in your Orchestration Platform

What You Can Do with Anchore

Explore some of the most popular Anchore commands

Submit an Image to be Analyzed

anchore-cli image add library/debian:latest

See if your images have any known CVE vulnerabilities

anchore-cli image vuln myrepo/app:latest os

List all of the files in a particular image

anchore-cli image content myrepo/app:latest files

Evaluate your image against your custom security policy

anchore-cli evaluate check myrepo/app:latest

Subscribe to receive notifications when an image is updated

anchore-cli subscription activate tag_update library/debian:latest

Integrations

Integrate Anchore with your favorite CI/CD Systems, Orchestration Platforms, and more.

By integrating Anchore and Kubernetes you can ensure that only trusted and secure images are deployed and run in your Kubernetes environment Kubernetes

Integrate

Anchore has been designed to plug seamlessly into your container based CI/CD pipeline to add analytics, compliance and governance to your workflow. Jenkins

Integrate

Install Anchore Engine in a few simple steps

Get up and running in less than 5 minutes

Install Anchore Engine

Secure Your Jenkins Pipeline in Minutes with Anchore

Compare Anchore Solutions

CVE / Secrets Scanning

Blacklists & Whitelists

Policy Based Compliance

CI/CD Integration

Kubernetes Integration

Prometheus Integration

Notifications

Audit Logs

Multi-User Support

Enterprise UI

Role Based Access Control

LDAP

Compliance Dashboard

Air-Gapped Data Feed Service

Snyk Feeds Support

Formatted Audit Reporting

Policy GUI Editor

Enterprise Support