Anchore this week released an enterprise edition of its open source container security platform featuring a graphical user interface (GUI) to make it easier for cybersecurity teams to navigate and explore container security events.
Anchore CEO Saïd Ziouani says version 1.1 of Anchore Enterprise builds on Anchore Engine, which developers who prefer to rely on open source software have incorporated into many containerized applications. Developers have gravitated to Anchore Engine because the open source software includes application programming interfaces (APIs) that make it easier to integrate Anchore Engine within a continuous integration/continuous deployment (CI/CD) process, he says.
Anchore Enterprise 1.1 builds on those core capabilities to scale up the Anchore Engine service to accommodate large numbers of image scans, both in aggregate and per unit time, Ziouani says.
Anchore Enterprise also adds support for scans of operating system packages such as RPMs, Debian Package and Alpine Package, as well as other packages such as Node NPM, Ruby GEM, Python and Java Archive.
Other capabilities include support for a more granular policy language that allows security teams to tune security checks and image content checks, and to launch extended queries to obtain information about the contents of container images and their metadata. That capability has compliance implications because it makes it possible to create audit trails for containers that tend to be highly ephemeral, Ziouani says.
Anchore has also added support for storage integrations with AWS S3, Swift and other S3-compatible storage services and systems; an event subsystem that provides detailed records for information- and error-level system events; support for Prometheus monitoring metrics; and an ability to process and generate reports against very large container image sets over a specific amount of time.
Finally, Anchore is making available Anchore Feed Service, which gives users the ability to control the access and update frequency of external vulnerability data in an on-premises edition of Anchore Enterprise.
Anchore already makes available Anchore Cloud, a free service based on Anchore Engine that developers can invoke to scan images. But as containers become more widely deployed across the enterprise, it’s clear security teams also want to be able to access a framework to manage container security across an extended enterprise, Ziouani says. Anchore Enterprise provides that capability in a way that complements a developer’s natural inclination to rely on open source software, he adds.
As DevSecOps processes continue to evolve and mature, it is increasingly clear IT organizations are looking for mechanisms to shift cybersecurity responsibilities to the left by making developers more responsible for implementing policies. But those policies are still created by cybersecurity teams that need tools to verify whether those policies have been properly implemented. Shifting more responsibility for cybersecurity to the left in no way eliminates the need for cybersecurity specialists. The challenge facing IT organizations now is finding a cybersecurity framework for containers that every stakeholder in the enterprise can get behind.