🗂️ Navigation
📁 Kubernetes & Containers
📋 Container Image Management
🔧 Anchore

Anchore

Secure Your Software Supply Chain.

Visit Website →

Overview

Anchore provides tools to secure the software supply chain, with a strong focus on container image analysis. It generates a detailed Software Bill of Materials (SBOM) for each image, scans for vulnerabilities, and allows users to define and enforce custom security policies. It is available as an open-source engine and a commercial enterprise product.

✨ Key Features

  • Deep container image analysis and SBOM generation
  • Vulnerability scanning
  • Custom policy-based compliance enforcement
  • Integration into CI/CD pipelines
  • Malware scanning

🎯 Key Differentiators

  • Best-in-class SBOM generation
  • Powerful and flexible policy engine
  • Strong presence in the public sector and regulated industries

Unique Value: Provides deep visibility into the contents of container images and enables organizations to enforce granular security and compliance policies throughout the software supply chain.

🎯 Use Cases (3)

Generating SBOMs for container images Enforcing security and compliance policies in a CI/CD pipeline Continuous vulnerability monitoring of container images

✅ Best For

  • Securing software supply chains for government and federal agencies (FedRAMP)
  • Automated compliance checks for regulated industries

💡 Check With Vendor

Verify these considerations match your specific requirements:

  • Users who only need a place to store container images

🏆 Alternatives

Snyk Aqua Security JFrog Xray

Anchore's strength lies in its policy engine and SBOM capabilities, which are often more advanced than those found in other security scanning tools.

💻 Platforms

Web API Self-hosted CLI

✅ Offline Mode Available

🔌 Integrations

Jenkins GitLab GitHub Actions Kubernetes All major container registries

🛟 Support Options

  • ✓ Email Support
  • ✓ Dedicated Support (Enterprise tier)

🔒 Compliance & Security

✓ SOC 2 ✓ GDPR ✓ SSO ✓ SOC 2 Type II ✓ FedRAMP

💰 Pricing

Contact for pricing
Free Tier Available

✓ 14-day free trial

Free tier: Open-source version (Syft, Grype)

Visit Anchore Website →

🔄 Similar Tools in Container Image Management

Docker Hub

A cloud-based registry service for building and shipping application or service containers....

$5.00/mo

Google Artifact Registry

Store, manage, and secure container images and language packages on Google Cloud....

$0.10/mo

Amazon Elastic Container Registry (ECR)

A fully-managed Docker container registry that makes it easy to store, manage, and deploy Docker con...

$0.10/mo

Azure Container Registry (ACR)

A managed, private Docker registry service based on the open-source Docker Registry 2.0....

$5.00/mo

JFrog Artifactory

A universal artifact repository manager that supports all major package formats, including Docker....

$98.00/mo

Red Hat Quay

An enterprise-focused private container registry for building, analyzing, and distributing container...

Contact