Skip to content

Deploy Anchore Enterprise in an environment of your choice. Then follow through a series of labs that showcase how you can improve security across your software supply chain.

Notifications You must be signed in to change notification settings

anchore/s3c-workshops

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

43 Commits
 
 
 
 
 
 

Repository files navigation

Software Security in the Real World

This repo offers step-by-step guidance that take you from deploying Anchore Enterprise (version 5.6.2) to a series of specific labs, showcasing how you can utilize Anchore Enterprise to improve security across your software supply chain.

Target Audience

Anyone who wants to understand how they can improve security across their SDLC using Anchore Enterprise. This repository will get you a running Anchore Enterprise deployment in either a Docker Compose to Kubernetes. After you have a successful deployment, just pick an interesting lab, and we take you through a guided tour with step-by-step instructions.

Use cases

Anchore Enterprise is a flexible platform that can be utilized in many ways, here are some of these use cases that you might recognise.

SBOM (Software Bill of Materials) - Get comprehensive visibility of your software components to bolster security and ensure vulnerability accuracy with the most complete SBOM available.

Container Vulnerability Scanning - Reduce false positives and false negatives with best-in-class signal-to-noise ratio.

Container Security - Identify and remediate container security risks, and monitor post-deployment for new vulnerabilities.

Container Registry Scanning - Get continuous security and compliance checks integrated directly into your container image registry.

CI/CD Pipeline Security - Embed security and compliance into your CI/CD / DevSecOps pipeline to uncover vulnerabilities, secrets, and malware in your automated build processes and keep development moving.

Cluster Integrations - Allow or prevent deployment of images based on flexible policies and continuously monitor the inventory of insecure images running in your clusters.

FedRAMP Vulnerability Scanning - Meet the new FedRAMP Vulnerability Scanning Requirements for Containers and achieve compliance faster with Anchore.

Cybersecurity & Federal Compliance - Automate compliance checks using out-of-the-box and custom policies.

Labs

Each lab below steps you through tried and tested examples across many use cases.

  • Deployment - Get Anchore Enterprise & AnchoreCTL Running (REQUIRED)
  • VIPERR - Visibility, Inspection, Policy Enforcement, Remediation, Reporting

Learn More

Anchore supports many use cases, configurations and environments, please check out the Anchore Docs, wider resources, or get in touch directly to learn more.

About

Deploy Anchore Enterprise in an environment of your choice. Then follow through a series of labs that showcase how you can improve security across your software supply chain.

Topics

Resources

Security policy

Stars

Watchers

Forks