Chainguard Enforce
Enforce enables you to build, manage, ensure continuous compliance, and enforce policies that protect your organization from supply chain threats.
Enforce enables you to build, manage, ensure continuous compliance, and enforce policies that protect your organization from supply chain threats.
Enforce is a supply chain security solution for containerized workloads.
Enforce supports policies based on the SLSA Framework and NIST's Secure Software Development Framework.
Enforce can be used to generate SBOMs, monitor running containers for CVEs, and protect infrastructure against insider attacks.
Enforce generates a real-time asset inventory database to power developer tooling, incident recovery, and audit automation.
Installs in a running cluster with one command. Support for CloudFormation, Terraform, and other automation systems.
Enforce integrates with build systems to establish a record of what source code was used to build each container.
Two pods per-cluster in an HA configuration. 50m CPU, 50MB memory requests.
By default it is 1 CPU and 1GB of RAM. These are configurable and allow these requests/limits to be increased based on policy and enforcement prioritization. Our engineers have spent years optimizing tooling to ensure your applications get the lion's share of your resources… not our agent.
No, but we complement many scanners by providing a seamless workflow for ensuring fewer false positives for the security teams to have to investigate.
Anywhere Kubernetes runs. We also have an add-on for Amazon ECS. We also have plugins available for Jenkins, CircleCI, GitHub Actions, Gitlab CI, and Tekton. We offer custom integrations for other systems as well.
Awareness with a realtime view of what is running in prod and where it came from.
Simple rollout with built-in policies for SLSA and other compliance frameworks.
Automation to improve compliance against policies through powerful integrations.
We assess and build out roadmaps for your organization’s Software Supply Chain, including the Infrastructure, configuration, and compliance needs, to shift security left in the delivery lifecycle.
Learn more