Anchore and Carahsoft Partner to Provide Container-Based Security to the Public Sector
Anchore Solutions Now Available on Carahsoft SEWP, U.S. Air Force and Maryland COTS Contracts
Anchore, experts in container workflow, analysis and security, and Carahsoft Technology Corp., The Trusted Government IT Solutions Provider, announced a partnership. Under the agreement, Carahsoft will serve as Anchore’s Master Government Aggregator, making Anchore’s container security inspection platform available to the public sector through Carahsoft’s NASA Solutions for Enterprise-Wide Procurement (SEWP) V and Maryland Commercial Off the Shelf Software (COTS) contracts and the company’s reseller partners. In addition, Anchore is available under Carahsoft’s U.S. Air Force DevSecOps BOA, which is established to support the U.S. Air Force LevelUP mission as well as the DevSecOps goals of the greater Department of Defense (DoD) and related agencies.
“We chose Carahsoft as our Master Government Aggregator based on their ability to effectively address the broad and complex public sector market,” said Craig Bowman, Vice President of Public Sector at Anchore. “Organizations building and deploying cloud-native technologies – including the DoD and civilian agencies such as the DHS, VA, and HHS – need Anchore to manage an increasingly fragmented and dynamic software supply chain. With this partnership, we can use policy-based compliance to secure workflows across the public sector.”
Anchore’s container inspection and analytics platform provides deep container image inspection, analysis, scanning, reporting and verification to ensure that DevSecOps workflows run efficiently without compromise. This offering is comprised of three comprehensive solutions:
- Anchore Enterprise – A complete container security workflow solution that allows developers to perform detailed comprehensive image analysis to expose risks, unsafe configurations and other vulnerabilities. Enterprise can be implemented through an API or CLI, allowing seamless integration and full access to all of Enterprise’s capabilities.
- Anchore Engine – An open source tool that provides a centralized service for deep inspection on container images and vulnerability analysis to generate a software bill of materials. This highly customizable tool seamlessly integrates into CI/CD systems and continuously monitors policies when images are updated.
- Anchore Federal – A policy first container security tool suited for Federal agencies that meet security requirements ranging from DOD-IL-2 to DOD-IL-6. Anchore Federal’s image scanning and analysis provides end-to-end security and compliance that meets TIG and NIST standards and FedRAMP guidelines.
As application modernization and complexity increases, developers are in need of tools that address and analyze container security without compromising momentum. Anchore’s container workflow, analysis and security platform mitigates risks and prevents vulnerabilities to containers while defining and enforcing security policies.
“As container use in agencies’ DevSecOps pipelines continues to rise, the need to protect those containers from threats also increases,” said Natalie Gregory, Vice President of Sales at Carahsoft. “Anchore’s mission to help users create and deploy trusted software quickly and efficiently alleviates those risks. We look forward to working with Anchore and our reseller partners to bring security-first solutions to the public sector.”