Anchore Anchore Enterprise

Anchore Enterprise is a Software Composition Analysis solution that provides SBOM generation and management for cloud-native applications. The platform generates SBOMs at every commit, build, and deployment, capturing dependencies, file metadata, licenses, and content across source code and containers. The solution performs continuous vulnerability scanning using an SBOM-powered approach that enables scanning for new vulnerabilities without requiring access to original software artifacts. It includes malware scanning capabilities to search for malware signatures in container images and secret scanning to identify unencrypted secrets based on common or user-defined regular expression patterns. Anchore Enterprise offers compliance policy packs for NIST, FedRAMP, and DISA standards, with policy-as-code functionality that allows enforcement of internal best practices or formal compliance requirements through JSON instructions. The platform supports license checks to block unapproved licenses and provides cloud runtime inventory capabilities for EKS, ECS, AKS, GKE, and OpenShift clusters. The solution includes vulnerability prioritization based on CVSS Score, Severity, EPSS, and CISA KEV data. It supports importing externally created SBOMs in Syft, CycloneDX, or SPDX formats. All features can be accessed through an API for automated integration. The platform can be deployed in air-gapped environments for classified or restricted access use cases.