Anchore Secures Containers for AI, Machine Learning and HPC on NVIDIA NGC – HPCwire

Anchore Secures Containers for AI, Machine Learning and HPC on NVIDIA NGC – HPCwire

SANTA BARBARA, Calif., May 13, 2021 — Today Anchore, a leader in continuous security and compliance for software containers, announced an expanded collaboration with NVIDIA for container scanning to ensure the security of software hosted on NVIDIA’s NGC catalog. NVIDIA has used Anchore container scanning technology since 2019 and the expanded partnership will include vetting third-party software available on NGC.

NGC is a curated collection of GPU-optimized artificial intelligence (AI), machine learning (ML), and high-performance computing (HPC) container images that simplify and accelerate end-to-end workflows. The catalog will now integrate Anchore Enterprise container and policy scanning technology to perform automated security checks before containers are published. This integration will rely on Anchore technology to perform security scans for detecting:

  • Software vulnerabilities (CVEs, RHSAs, GHSAs, and others)
  • Container image metadata violations (Dockerfile instructions, layer history)
  • Credential leaks (passwords, tokens, access keys)
  • Permissive service network exposures (open ports)

“Anchore is working with organizations across a variety of industries to secure their container build pipeline by embedding automated security checks and policy controls during the development process,” said Saïd Ziouani, CEO of Anchore. “NVIDIA’s use of Anchore’s enterprise solution gives developers and data scientists access to NGC software that has been vetted for security risks.”

Growing Demand for Securing Container Marketplaces

Anchore is used to secure both free and paid container marketplaces across a variety of industries and public sector organizations. The U.S. Department of Defense uses Anchore to secure and harden software containers for its Iron Bank repository as part of the Platform One initiative for DevSecOps. Enterprises in telecommunications, manufacturing, and technology industries also deploy Anchore to ensure the security of container images in marketplaces and catalogs that they provide to customers or partners.

“Incorporating Anchore’s container scanning technology to harden images in the Platform One Iron Bank repository has allowed us to drastically increase our security and understanding of the Bill of Materials of third party containers. The Anchore technology is an essential element to how we approach secure software development,” said Nic Chaillan, Chief Software Officer, U.S. Air Force.

For more information about Anchore go to www.anchore.com.

About Anchore

Anchore accelerates the development of secure and compliant cloud-native applications. Anchore’s container security solutions seamlessly embed continuous security and compliance checks throughout the software development process. From sourcing to CI/CD pipelines to production, Anchore’s solutions protect the software supply chain and prevent container security risks from reaching production. Using Anchore as part of the DevSecOps toolchain creates a reliable way to detect issues earlier, save developers time and lower the cost to fix vulnerabilities. Built with an open source foundation, Anchore solutions provide transparency into source code and the benefit of peer reviews.

Headquartered in California with offices in Virginia and the UK, Anchore customers include large enterprises and government agencies that require secure and compliant cloud-native applications. To learn more about Anchore’s solutions, visit www.Anchore.com.


Source: Anchore

Source

Leave a Reply

%d bloggers like this: