Recent contract, new customer installations, and marketplace listings further advance Anchore’s presence in the federal market.

Santa Barbara, CA – October 27, 2022 - Today Anchore announced a $1.58M tactical funding award to extend its Small Business Innovation Research (SBIR) Phase II contract with the United States Air Force (USAF) Platform One (P1) program.  The tactical funding award is to provide 12 months of work in critical areas that build on Anchore’s deep expertise and institutional knowledge to advance P1 goals.  With the award, Anchore and P1 will deliver new innovative capabilities for securing software supply chains.

“It is important now, perhaps more than ever before, to be proactive about software supply chain security in order to stay ahead of current and emerging threats.  Anchore’s role in this contract award is to continue developing technology that identifies and illuminates the constantly evolving software components that are used to compose critical infrastructure across a broad spectrum of programs,” said Dan Nurmi, CTO of Anchore.  “We’re proud to partner with the P1 team and happy to see that this contract will continue into the future to help secure our nation’s critical software systems.”

“Anchore’s partnership with P1 continues to advance software security across the Department through innovative technical solutions and modern, industry standard security practices,” said Colonel Timothy Helfrich, Senior Materiel Leader, Cyber Systems Group, USAF.  “P1’s mission is to transform how the Department of Defense (DoD) delivers warfighter capability through innovative frameworks, collaborative culture, and secure software.  Adversaries attempt to compromise our national defense daily, and the software supply chain is a growing attack vector.  At P1, security is not an afterthought, it is the first thought.  Anchore’s industry standard software bill of materials (SBOM) formats help Iron Bank publish SBOMs for broad consumption and track for unexpected drift to mitigate supply chain risk for the Department of the Air Force.”

In the Executive Order on Improving the Nation’s Cybersecurity, President Biden encourages federal agencies to mandate the use of SBOM as a best practice to understand software dependencies and components to prevent malicious activity.  Anchore’s software supply chain tools automate compliance checks with pre-built policy packs for U.S. government standards, including the DoD, Defense Information Systems Agency STIG, CISA, FedRAMP, NIST, and Center for Internet Security benchmarks.

In addition, Anchore’s software container scanning capabilities are included in the U.S. DoD Container Hardening Guide and Container Image Creation and Deployment Guide to help federal agencies maintain a strong security posture when working with containerized applications.

Federal Footprint Expansion

Anchore technology is deployed across a wide number of DoD agencies and programs.  Anchore’s solutions are used specifically to identify and remediate critical vulnerabilities and malware, ensure strict adherence to government compliance standards, and improve the overall security posture of these and other critical aircraft and warships, conventional and nuclear weapons systems, and key intelligence centers and software factories.

Anchore Available in the Federal Marketplace

As Anchore continues to collaborate with federal agencies, its offerings are now available for purchase through the online government marketplaces of GSA Advantage and Second Generation IT Blanket Purchase Agreements (2GIT).  Anchore’s software supply chain security tools can be purchased through contract vehicles at pre-negotiated rates and terms, enabling federal agencies to easily procure solutions to institute proactive cyber hardening and software supply chain security measures.

For more information about Anchore’s secure public sector solution that automates compliance with stringent government security standards, visit

About Anchore

Anchore is a leader in software supply chain security and enables organizations to protect  applications against attacks. Anchore technology embeds continuous security and compliance checks at every stage of the software development process.  Large enterprises and government agencies use Anchore solutions to generate a comprehensive software bill of materials, pinpoint vulnerabilities, identify malware, and discover unprotected credentials that can lead to hacks and ransomware.  With an API-centric approach, Anchore solutions integrate into the tools developers already use to detect issues earlier, saving time and lowering the cost to fix vulnerabilities.

Anchore is recognized on the Forbes 2022 list of America’s Best Startup Employers.  To learn more visit

Media Contact:
Brandie Gerrish
[email protected]