U.S. Department of Defense Usage Drives Improvement On Private Sector Features
Anchore, whose policy-based container security workflow and compliance solutions platform enables federal and enterprise DevOps and security teams to deploy containers with confidence, today announced several updated product features for its users and customers in Anchore Enterprise 2.4.
New feature upgrades in Anchore Enterprise 2.4 focus on scanning, security, vulnerabilities, and operations:
- Support for virus scanning of containers, allowing customers to look for malware as part of their CI/CD workflow or before deployment from a registry.
- Security reports have been expanded to allow users to compare two different container images, enabling developers to more easily spot issues in their applications from issues in the base operating system.
- Vulnerability detection has been improved with support for a “hint” file which can prompt for detection of security issues in explicitly declared libraries, useful for language types like Go which don’t support a formal package management system.
- Several operational improvements for larger deployments, such as better resource allocation among processes and automated ways to delete large sets of images from the system.
“Containers continue to be the driving force behind the adoption of agile and secure software development practices,” shared Anchore CEO and Co-Founder Saïd Ziouani. “By delivering actionable information through Anchore’s products in this latest release enables us to further close the gap between feature velocity and security.”
Currently used by the U.S. Department of Defense (DoD) with its Iron Bank — a repository of digitally signed, binary container images that have been hardened —Anchore Enterprise 2.4 features have been driven by the DoD’s input and feedback. Recently, Anchore won an AFWERX Small Business Innovation Research (SBIR) Phase II contract with the U.S. Airforce to advance capabilities by connecting innovators to simplify technology transfer and accelerate results. The contract is focused on securing and hardening software containers through automated, policy-based DevSecOps workflows.