Anchor

Open source container image scanning – Integrated with Sysdig Secure + open source Falco

Start Free Trial

Anchore Engine is an open source container image scanning tool that analyzes packages and third-party libraries present in container images to find known software vulnerabilities and report on content and licenses.

Anchore Engine and Falco compliment each other to provide image scanning and runtime security using open source tools.

Anchore integrated with Sysdig Secure product provides the latest software vulnerability updates, integration with CI/CD pipeline tools and complete container security lifecycle management with vulnerability management, compliance and audit, runtime security, threat defense, forensics and incident response.

Key Features

Analyze images

Analyze container images

Analize container images to find known software vulnerabilities including official OS packages, unofficial packages and third-party libraries such as NodeJS NPM, Python PiP, Ruby GEM, and Java JAR/WAR.

Image Scanning

CI/CD
integration

Image scanning can be run at multiple points in the delivery pipeline: during build time in the CI server and to images available on a container registry or already running. You can just report or break the pipeline until the image is compliant with your policy.

Security Policies

Define & enforce security policies

Define policies to govern security vulnerabilities, whitelist or blacklist OS packages and third-party libraries, configuration file contents, language modules or software licenses. Check if your container images and Dockerfiles are following your policy and security best practices.

Kubernetes

Kubernetes
integration

Integrate with your orchestration platform, such as Kubernetes, to ensure that only images that are certified by your organization are run in your cluster, using an Admission Controller.Integrate with your existing workflow

Get Started

Sysdig Monitor

Anchore Engine & open source Falco

Check out our article on Docker container image scanning and how to check if vulnerable images are running with open source Falco.

Learn More

Sysdig Monitor

Anchore Engine & Sysdig Secure

Anchore together with the latest software vulnerability updates and fix status have been integrated with Sysdig Secure product.

Learn More

Sysdig Monitor

Anchore Engine project

Anchore Engine is an open source project. Check it out on GitHub and join the community.

Learn More