Case Study: U.S. Navy Achieves ATO in Days with Anchore

US Navy achieves ATO in days with continuous compliance and OSS risk management

The U.S. Navy, working through PEO Digital and the Black Pearl DevSecOps Platform, needed to meet strict RMF and ATO requirements while maintaining continuous compliance, managing open-source software risk, and reducing vulnerability overload for developers. To support both the platform itself and the applications built on it, the Navy needed a security solution that could handle compliance and supply chain risk across the full software lifecycle.

Anchore provided policy packs, automated ATO compliance, continuous monitoring for OSS risk, and prioritized vulnerability reporting to help Black Pearl meet RMF controls and streamline reporting. With Anchore, the platform could be deployed as an assessment-ready DSOP in 3–5 days, compliance reporting time was significantly reduced, OSS risks were managed proactively, and developers received fewer low-value alerts so they could move faster toward ATO.

U.S. Navy

Josiah Ritchie

DevSecOps Staff Engineer