Anchore Engine

LSE toolsLSE toolsAnchore Engine (279)Anchore Engine (279)

Tool and Usage

Project details

Year of inception
License
Apache License 2.0
Programming language
Python
Latest release
1.1.0
Latest release date

Project health

64
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

Anchore is a tool to help with discovering, analyzing and certifying container images. These images can be stored both on-premises or in the cloud. The tooling is mainly focused on developer so that perform analysis on their container images. Typical actions include running queries, creating reports, or set up policies for a continuous integration and deployment pipeline.

How it works

Anchore scans the configuration of an image and its building blocks. This includes areas like software packages and libraries, source code, configuration files, and file permissions. The policies define what is allowed or isn't, to alert on non-compliance.

Usage and audience

Anchore Engine is commonly used for system hardening. Target users for this tool are developers, pentesters, security professionals, and system administrators.

Features

  • Command line interface

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + More than 10 contributors
  • + Commercial support available
  • + More than 1000 GitHub stars
  • + The source code of this software is available

Author and Maintainers

Supporting company

This project is maintained by Anchore, Inc.

Installation

Supported operating systems

Anchore Engine is known to work on Linux.

Dependencies

Several dependencies are required to use Anchore Engine.

  • click
  • clint
  • docker-py
  • jsonschema
  • prettytable
  • pyyaml
  • requests

Anchore Engine alternatives

Similar tools to Anchore Engine:

60

Dagda

Dagda is a security tool to perform static analysis of known vulnerabilities, malware and threats in Docker images and containers. It monitors both the Docker daemon and running containers to find anomalies and suspicious activities.

60

bane

The bane tool is an AppArmor profile generator for Docker containers. It helps with creating the appropriate profile for confinement on system level.

93

Lynis

Lynis is a security auditing tool for systems running Linux, macOS, or Unix. It can be used for security assessments and configuration audits.

All Anchore Engine alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Compare Anchore Engine with other tools

Categories

This tool is categorized as a Docker security tool, compliance testing tool, and container security tool.