Case Study: Cisco Achieves FedRAMP, FIPS, and STIG Compliance with Anchore Enterprise

Cisco - Customer Case Study

Cisco needed a way to meet the strict compliance requirements of its AWS GovCloud environment for Cisco Umbrella for Government. The team had to satisfy FedRAMP vulnerability scanning requirements, maintain STIG and FIPS compliance for Amazon EC2 virtual machines, secure containerized workloads across CI/CD, Amazon EKS, and Amazon ECS, and meet EO 14028 SBOM requirements. Cisco selected Anchore Enterprise and Anchore Syft to support these goals.

Anchore implemented a software supply chain security solution that included distributed container scanning, automated policy enforcement, SBOM generation and management, and an on-prem cloud deployment model. With Anchore, Cisco achieved FedRAMP, FIPS, STIG, and EO 14028 compliance in weeks instead of months, reduced implementation time, improved developer experience by integrating security into existing workflows, and better positioned its platform for future compliance needs.

Cisco