Anchore Secures Containers For AI, ML and HPC On NVIDIA NGC

Anchore-Secures-Containers-for-AI,-Machine-Learning-and-HPC-on-NVIDIA-NGC

Anchore advances marketplace container security momentum with growing enterprise demand for container scanning technology

Anchore, a provider in continuous security and compliance for software containers, announced an expanded collaboration with NVIDIA for container scanning to ensure the security of the software hosted on NVIDIA’s NGC catalogue. NVIDIA has used Anchore container scanning technology since 2019 and the expanded partnership will include vetting third-party software available on NGC.

NGC is a curated collection of GPU-optimised artificial intelligence (AI), machine learning (ML), and high-performance computing (HPC) container images that simplify and accelerate end-to-end workflows. The catalogue will now integrate Anchore Enterprise container and policy scanning technology to perform automated security checks before containers are published. This integration will rely on Anchore technology to perform security scans for detecting:

  • Software vulnerabilities (CVEs, RHSAs, GHSAs, and others)
  • Container image metadata violations (Dockerfile instructions, layer history)
  • Credential leaks (passwords, tokens, access keys)
  • Permissive service network exposures (open ports)

Also Read: Cloud Data Security: Adopt a Zero Trust Approach 

‘Anchore is working with organisations across a variety of industries to secure their container build pipeline by embedding automated security checks and policy controls during the development process’, said Saïd Ziouani, CEO of Anchore. ‘NVIDIA’s use of Anchore’s enterprise solution gives developers and data scientists access to NGC software that has been vetted for security risks.’

‘Developers rely on NVIDIA’s NGC catalogue for a wide variety of GPU-accelerated software’, said Adel Hallak, director of product management for NGC at NVIDIA. ‘Our use of Anchore’s scanning technology can help reassure them that the containers on NGC have been evaluated for critical security risks before they’ve been put into production.’

Growing Demand for Securing Container Marketplaces

Anchore is used to secure both free and paid container marketplaces across a variety of industries and public sector organisations. The U.S. Department of Defense uses Anchore to secure and harden software containers for its Iron Bank repository as part of the Platform One initiative for DevSecOps. Enterprises in telecommunications, manufacturing, and technology industries also deploy Anchore to ensure the security of container images in marketplaces and catalogues that they provide to customers or partners.

‘Incorporating Anchore’s container scanning technology to harden images in the Platform One Iron Bank repository has allowed us to drastically increase our security and understanding of the Bill of Materials of third party containers. The Anchore technology is an essential element to how we approach secure software development’, said Nic Chaillan, Chief Software Officer, US Air Force.