SBIR-STTR Award

The purpose of this SBIR is to demonstrate the efficacy of Anchore to identify and implement enhancements required to further secure and automate container hardening practices across the PlatformOne program and implement those enhancements. The mission impact of this project on the Air Force and the DoD will be to enhance further warfighters ability to rapidly create and deploy software applications in a secure, flexible and interoperable manner. The goal is to deliver a 100% increase in the number of hardened containers and save the DoD $750 Million annually.

Keywords:
DevOps, Containers, Kubernetes, Cloud Native, Cyber Security, DevSecOps, Docker, Openshift

As the DoD adopts software "containers" as part of a transition to a DevSecOps development model, those containers must be "hardened" so that any unnecessary functionality or user permissions are removed prior to deployment. To prevent duplication of effort and inconsistent results, the DoD needs a centralized process for hardening and storing containers. It is estimated that without a centralized repository of containers, the DoD will spend $4 Billion a year hardening containers. Proposed Solution: As a response to this need, the DOD has formed what is known as DCAR, the DoD Centralized Artifact Repository. With a yearly budget of $10M/year, DCAR is able to harden approximately 20% of the necessary containers for the DoD, with an estimated savings of $2.5 Billion per year. However, there still remains hundreds of additional containers that require enterprise hardening that DoD is not working on.