What is Anchore
Anchore Engine allows developers to perform detailed analysis on container images, generating a software bill of materials. Through seamless integration with CI/CD systems, Anchore Engine can prevent publication of images containing known vulnerabilities.
Anchore Integration with Opsera
- Image Analysis: Perform deep inspection of container images, cataloging all operating system packages, files and software artifacts such as Ruby GEMs, JARs, and Node modules.
- Policy Management: Define and apply policies based on security best practices and use them to prevent dangerous builds from completing and problematic images from being deployed.
- Continuous Monitoring: Policies are continuously evaluated to catch issues created when images are updated, CVEs are added or removed, or new best practices are established.
- CI/CD Integration: Integrate Anchore Engine into CI/CD pipelines to ensure that builds are only successful when images meet custom security and compliance requirements.
- Highly Customizable: Define checks for vulnerabilities, package whitelists, blacklists, configuration files, secrets in image, manifest changes, exposed ports and more.
- Orchestration: Use Anchore Engine analysis and policy checks to ensure that only certified and secure images are deployed in Kubernetes or other Orchestration Platforms.
Resources
