Summary
This case study details the Iron Bank program within the Department of Defense (DoD), which facilitates the adoption of DevSecOps solutions and enhances transparency in containerized software. It describes how Iron Bank provides a centralized and hardened container image repository that supports secure software development across the DoD. The document outlines the challenges faced by Iron Bank, including balancing deployment velocity with policy compliance and managing false positives in vulnerability assessments. It explains the solutions implemented by Anchore Enterprise, which include a container image scanner, automated policy engine, and custom policies to meet DoD security standards. The results highlight the effectiveness of these solutions in reducing false positives and ensuring compliance with the DoD Container Hardening Guide. The collaboration between Iron Bank and Anchore has led to significant improvements in the security and integrity of military software systems, enabling a proactive security stance across the DoD.
