
Anchore
Container security tools
DevSecOps software
Software bill of materials (SBOM) software
Small
Medium
Large
- Transportation and logistics
- Professional services (engineering, legal, consulting, etc.)
- Energy and utilities
What is Anchore
Anchore is a container security platform focused on scanning container images for vulnerabilities, policy compliance, and supply-chain risks. It is used by DevSecOps and platform engineering teams to enforce security gates in CI/CD pipelines and to monitor container registries and runtime environments. The product emphasizes SBOM generation and analysis, policy-as-code controls, and integrations with common container build and deployment workflows.
Strong SBOM and policy controls
Anchore supports generating and analyzing SBOMs as part of container image security workflows. It provides policy-based evaluation to block or allow images based on vulnerability severity, package allow/deny lists, and other compliance rules. This helps teams standardize security gates across build pipelines and registries. The policy approach fits organizations that need auditable, repeatable controls.
CI/CD and registry integrations
Anchore is designed to integrate into automated build and release processes, enabling scanning during image build and before deployment. It also supports scanning images stored in container registries to identify drift and newly disclosed vulnerabilities. These integrations reduce reliance on manual reviews and help security teams shift checks earlier in the delivery lifecycle. The workflow focus aligns with DevSecOps operating models.
Container image analysis depth
Anchore performs package-level inspection of container images to identify OS and application dependencies that contribute to risk. It can correlate discovered components with vulnerability data and produce reports suitable for remediation workflows. This level of analysis is useful for teams managing large fleets of images and needing consistent visibility. It also supports governance use cases where evidence of what is inside an image matters.
Not a full CNAPP suite
Anchore primarily centers on container image and software supply-chain security rather than broad cloud posture management. Organizations looking for a single tool that covers CSPM, CIEM, and workload protection across all cloud resources may need additional products. This can increase integration and operational overhead. Fit depends on whether container supply-chain security is the main requirement.
Tuning and policy maintenance required
Effective use typically requires teams to define policies, manage exceptions, and tune rules to reduce noise. Vulnerability findings can require triage to distinguish exploitable issues from low-impact items in base images. Without clear ownership and processes, teams may experience alert fatigue or inconsistent enforcement. Ongoing maintenance is common in mature DevSecOps programs.
Runtime coverage may be limited
Anchore’s core strengths are in pre-deployment image analysis and compliance enforcement rather than deep runtime detection and response. If an organization needs behavioral threat detection, incident response workflows, or endpoint-style telemetry for containers, it may need complementary runtime security tooling. This can complicate architecture decisions for teams seeking end-to-end coverage. Buyers should validate runtime capabilities against their threat model.
Plan & Pricing
| Plan | Price | Key features & notes |
|---|---|---|
| Core (Cloud Image) | Request pricing (contact sales) | Container SBOMs, Vulnerability scanning, Malware scanning (containers), NIST/CIS policy packs, License & content controls; Support: Basic 9×5 SLA. SBOMs/month: 500 (as shown on Anchore pricing page). |
| Enhanced (Cloud Image) | Request pricing (contact sales) | Same core capabilities plus expanded limits/integrations; Support: Basic 9×5 SLA / upgradeable; SBOMs/month: 3000. |
| Pro (Container Image) | Request pricing (contact sales) | Enterprise API access, SSO/RBAC, CI/CD & registry integrations, vulnerability/malware/secrets scanning; Support tiers available; SBOMs/month: 2000. |
| Advanced (Container Image) | Request pricing (contact sales) | Full feature set for large-scale deployments, add-ons available (FedRAMP, DoD policy packs, runtime inventory); SBOMs/month: 4000. |
| Basic (Federal Cloud Image) | Request federal pricing (contact sales) | Federal-focused offering with SBOMs, vulnerability scanning, NIST/CIS policy packs; Support: Basic 9×5 SLA; SBOMs/month: 1000. |
| Premium (Federal Cloud Image) | Request federal pricing (contact sales) | Enhanced federal features (DoD/FedRAMP policy packs available as add-ons), higher SBOM limits; SBOMs/month: 3000. |
| Ultimate (Federal Container Image) | Request federal pricing (contact sales) | Highest federal tier with advanced compliance packs, extended support options; SBOMs/month: 4000. |
Notes: Anchore’s public pricing page shows feature/limit tiers and many add-ons but does not publish dollar amounts; customers are prompted to "Request Pricing" or contact Anchore for federal pricing. Feature and SBOM limits, and support levels are shown on the Anchore pricing page.
Seller details
Anchore, Inc.
Santa Barbara, CA, USA
2016
Private
https://anchore.com/
https://x.com/anchore
https://www.linkedin.com/company/anchore/