Anchore, Inc. announced the newest version of its transformative container compliance and security platform, Anchore Enterprise 2.3. This release follows the close of a Series A round of funding in January, fueling a new stage of product and operational growth. Announced at the GitHub Satellite conference, Anchore Enterprise 2.3 serves the needs of those in the GitHub and Microsoft technology ecosystems.
Anchore Enterprise 2.3 introduces support for deep image inspection of Windows container images, allowing customers to extend container-based DevSecOps workflows beyond the Linux stack for the first time. Analysis of images has been expanded to include the discovery of NuGet packages (in tech preview) which allows for policy-based control over .NET frameworks and artifacts. Anchore Enterprise 2.3 also provides an updated reporting service that allows users to schedule and generate custom reports. The new version includes support for the GitHub Security Advisory Database, providing customers with vulnerability data from the world’s largest developer community.
“Every day, customers improve the security posture of their Linux applications using DevSecOps practices powered by Anchore Enterprise,” said Saïd Ziouani, CEO of Anchore. “But until now, those practices only provided governance for Linux applications running in Linux containers. This new release of Anchore Enterprise offers that power to teams in the Microsoft ecosystem, helping them establish even more comprehensive visibility and compliance throughout their software supply chain.”
While containers are indelibly part of Linux, many enterprises operate in environments where key applications are built using Microsoft ecosystem technologies. These applications can be managed within container orchestration platforms like Docker and Kubernetes, running alongside Linux applications in the hybrid cloud for greater efficiency and flexibility. Anchore Enterprise 2.3 performs deep image inspection of Windows container images, building a comprehensive software build of materials (SBOM) that can be used to establish and enforce policies.
“Containers have taken hold in the IT landscape because of their flexibility,” said Taylor Brown, PM Manager for Container Platform at Microsoft. “However, they present a fresh set of governance and operational security challenges. To address these challenges, Anchore now supports Windows Server containers, delivering more choice for public sector agencies and enterprises developing container-based applications, and implementing broad DevSecOps initiatives.”