Anchore Enterprise

A platform for managing software supply chain security and compliance in cloud-native environments.

Multi-Cloud Proprietary Self Hosted + Cloud Options
Category Supply Chain Security
Last Commit 1 year ago
This page updated 22 days ago
Pricing Details Various tiers available, including Pro Tier (up to 2,000 SBOMs/month) and Premium Tier (up to 4,000 SBOMs/month).
Target Audience DevOps teams, security teams, and organizations managing cloud-native applications.

Anchore Enterprise manages software supply chain security and compliance in cloud-native environments by leveraging software bills of materials (SBOMs) to provide continuous visibility and automation.

At its core, Anchore Enterprise generates detailed SBOMs at every stage of the software development lifecycle (SDLC), including source code repositories, CI/CD pipelines, container registries, and deployment environments. This approach ensures a comprehensive inventory of direct and transitive dependencies, enabling the identification of vulnerabilities, malware, misconfigurations, and secrets. The platform integrates with development toolchains to minimize friction and automate the generation of SBOMs, which are stored in a central repository for ongoing monitoring and risk assessment.

The technical architecture of Anchore Enterprise is built on open source tools like Syft and Grype, which are optimized for container image security and vulnerability scanning. The platform supports multiple scanning stages, including source code, build, stage, deploy, and run, allowing teams to catch security issues early in the development process. Anchore's policy engine enables the definition of customizable policies to enforce compliance with industry standards or internal rules, automating the identification and remediation of security issues.

Operationally, Anchore Enterprise is delivered as a set of containers deployable on Kubernetes or other container platforms across on-premises, hosted, and public cloud environments. The platform is scalable and offered in various tiers, each with different capabilities and environment sizes determined by the number of SBOMs generated. For example, the Pro Tier supports up to 2,000 SBOMs per month, while the Premium Tier supports up to 4,000 SBOMs per month. Each tier includes features such as vulnerability scans, policy controls, and rich APIs, with varying levels of support and additional features like runtime image monitoring and DISA STIG compliance checks.

Key operational considerations include the management of SBOM limits, which are based on the monthly average of SBOMs added over the subscription year, and the infrastructure configuration, which depends on the selected tier. Anchore solution architects are available to help determine the best architecture for specific use cases. Additionally, the platform integrates with various development and collaboration tools like GitHub, GitLab, Jira, and Slack to streamline developer workflows and facilitate quicker remediation.
