Anchore, Inc announced a new flagship software service, Anchore-Engine Anchore 2.0, a suite of open source software tools that provide in-depth analysis and a path to full compliance and corporate best practices for their software containers, both on-premise and in the cloud. DevOps teams will now have one common tool for deep inspection and a full user-defined certification from the start of the development cycle to production.
“The need for fast-paced application delivery in a world that has become highly vulnerable to security threats and overall exposure, is now a major challenge,” said Saïd Ziouani, CEO and cofounder of Anchore. “DevOps teams are tasked to pick the right container images, ensure their compliance with internal corporate policies and track these containers closely over time making sure compliance and overall governance are constantly kept up to date.”
“Beyond speed, developer productivity and efficiency advantages of containers, portability across hybrid infrastructure that includes on-premise, private and public clouds has become a priority and major driver for container software,” said Jay Lyman, principal analyst with 451 Research. “To get containerized applications beyond development and testing and into production environments and uses, containers still need security, policy and compliance checks such as those provided by Anchore in its SaaS and open source software.”
Anchore-Engine introduces new features and integration options primarily in the form of a new API accessible service that can be deployed in any container infrastructure. Using the new Anchore-Engine Service API directly, or with the bundled command-line client tool, users can:
interact with the service to add new container images for analysis and inspection from a variety of private and/or public container registries
upload custom Anchore policy bundles, perform policy checks and security scans
access historical records of policy evaluations over time
receive webhook notifications when images are updated or policy/security scanning results change.
Anchore is already integrated with popular open source tools such as Jenkins and Kubernetes. The new Anchore-Engine Service is bundled as a simple container to ensure fast and portable deployment into any container orchestration system, along with a lightweight command line tool for interacting with the API from client systems.
The Anchore-Engine Service also includes an implementation of a Kubernetes Image Policy Webhook that allows users to integrate Kubernetes with the Anchore-Engine to make automatic container execution decisions based on Anchore policy evaluations.