Anchore this week released an enterprise edition of its open source container security platform featuring a graphical user interface (GUI) to make it easier for cybersecurity teams to navigate and explore container security events.
Anchore CEO Saïd Ziouani says version 1.1 of Anchore Enterprise builds on Anchore Engine, which developers who prefer to rely on open source software have incorporated into many containerized applications. Developers have gravitated to Anchore Engine because the open source software includes application programming interfaces (APIs) that make it easier to integrate Anchore Engine within a continuous integration/continuous deployment (CI/CD) process, he says.
Anchore Enterprise 1.1 builds on those core capabilities to scale up the Anchore Engine service to accommodate large numbers of image scans, both in aggregate and per unit time, Ziouani says.
Anchore Enterprise also adds support for scans of operating system packages such as RPMs, Debian Package and Alpine Package, as well as other packages such as Node NPM, Ruby GEM, Python and Java Archive.
Other capabilities include support for a more granular policy language that allows security teams to tune security checks and image content checks and launch extended queries to obtain information about the contents of container images and their metadata. That capability has compliance implications because it makes it possible to create audit trails for containers that tend to be highly ephemeral, Ziouani says.
Anchore has also added support for storage integrations with AWS S3, Swift and other S3 compatible storage services and systems, an event subsystem that provides detail records for information and error-level system events, support for Prometheus monitoring metrics and an ability to process and generate reports against very large container image sets over a specific amount of time.
Finally, Anchore is making available Anchore Feed Service, which gives users the ability to control the access and update frequency of external vulnerability data in an on-premises edition of Anchore Enterprise.
As DevSecOps processes continue to evolve and mature, it is increasingly clear IT organizations are looking for mechanisms to shift cybersecurity responsibilities to the left by making developers more responsible for implementing policies. But those policies are still created by cybersecurity teams that need tools to verify whether those policies have been properly implemented. Shifting more responsibility for cybersecurity to the left in no way eliminates the need for cybersecurity specialists. The challenge facing IT organizations now is finding a cybersecurity framework for containers that every stakeholder in the enterprise can get behind.
StormForge's machine learning algorithms that optimize Kubernetes clusters will be fed into CloudBolt's Augmented FinOps tools.
Run:ai enables IT teams to take advantage of container orchestration to schedule AI workloads across multiple GPUs.
Cosmonic has contributed an Operator developed for the wasmCloud platform to the CNCF, enabling WebAssembly applications to run on Kubernetes…
Cloud-native backup and recovery solutions can improve an organization’s cloud data resilience against accidents and online cyberthreats.
In total, 22 capabilities previously available in beta have graduated to stable. Many of those Kubernetes features appeal primarily to…
Red Hat added three new developer tools, expanding its DevSecOps portfolio for building secure cloud-native applications.