Case Study: Platform One achieves more accurate, compliant container security with Anchore

Platform One - Customer Case Study

Platform One, the DoD’s Iron Bank program, needed a repeatable way to provide hardened container images to military agencies while meeting extremely rigorous security standards and keeping pace with constantly changing threats. The team also had to manage 1,800 base images and reduce the time spent triaging false positives. To help address this, Anchore Enterprise was used as the software supply chain security platform for scanning, SBOM management, and policy enforcement.

Anchore implemented a custom policy pack for DoD Container Hardening requirements, along with SBOM Hints and SBOM Corrections, a vulnerability/exclusion feed, and other scanning enhancements to improve accuracy and compliance. The result was fewer false positives without administrative changes or software updates, more accurate SBOMs with better vulnerability mapping, and a standardized, repeatable container security process. Anchore and Platform One also jointly built a codified policy bundle, including support for over 12,000 known false positives in the exclusion feed.