Webinar: How Workday Improved their Security Posture with Opsera | Register Now
Integrate with your Toolchain now
The Anchore Engine
CI/CD Stage
Product Type

What is Anchore

Anchore Engine allows developers to perform detailed analysis on container images, generating a software bill of materials. Through seamless integration with CI/CD systems, Anchore Engine can prevent publication of images containing known vulnerabilities.

Anchore Integration with Opsera

  • Image Analysis: Perform deep inspection of container images, cataloging all operating system packages, files and software artifacts such as Ruby GEMs, JARs, and Node modules.
  • Policy Management: Define and apply policies based on security best practices and use them to prevent dangerous builds from completing and problematic images from being deployed.
  • Continuous Monitoring: Policies are continuously evaluated to catch issues created when images are updated, CVEs are added or removed, or new best practices are established.
  • CI/CD Integration: Integrate Anchore Engine into CI/CD pipelines to ensure that builds are only successful when images meet custom security and compliance requirements.
  • Highly Customizable: Define checks for vulnerabilities, package whitelists, blacklists, configuration files, secrets in image, manifest changes, exposed ports and more.
  • Orchestration: Use Anchore Engine analysis and policy checks to ensure that only certified and secure images are deployed in Kubernetes or other Orchestration Platforms.


Related Platforms