Anchore has announced an expanded collaboration with NVIDIA for container scanning to ensure the security of software hosted on NVIDIA‘s NGC catalog. NVIDIA has used Anchore container scanning technology since 2019 and the expanded partnership will include vetting third-party software available on NGC.
NGC is a curated collection of GPU-optimized artificial intelligence (AI), machine learning (ML), and high-performance computing (HPC) container images that simplify and accelerate end-to-end workflows. The catalog will now integrate Anchore Enterprise container and policy scanning technology to perform automated security checks before containers are published.
This integration will rely on Anchore technology to perform security scans for detecting:
- Software vulnerabilities (CVEs, RHSAs, GHSAs, and others)
- Container image metadata violations (Dockerfile instructions, layer history)
- Credential leaks (passwords, tokens, access keys)
- Permissive service network exposures (open ports)
Anchore is used to secure both free and paid container marketplaces across a variety of industries and public sector organizations. The U.S. Department of Defense uses Anchore to secure and harden software containers for its Iron Bank repository as part of the Platform One initiative for DevSecOps.
Enterprises in telecommunications, manufacturing, and technology industries also deploy Anchore to ensure the security of container images in marketplaces and catalogs that they provide to customers or partners.