Overview
Anchore operates a hosted service called the Anchore Data Service that serves pre-built datasets to customer Enterprise deployments.
Please review the Anchore Data Service status page for information on how to check the status of the datasets.
Anchore Data Service currently manages five datasets:
- Vulnerability Database (vulnerability_db) - This dataset contains vulnerability data from the following sources:
- Alpine
- Amazon Linux
- Chain Guard
- CISA KEV (Known Exploited Vulnerabilities)
- Debian
- EPSS (Exploit Prediction Scoring System)
- Github
- Mariner
- MSRC
- NVD (Including the Anchore Enhancements)
- Oracle
- RHEL
- SLES
- Ubuntu
- Wolfi
- Vulnerability Match Exclusions (vulnerability_match_exclusions_db) - CVEs that Anchore has excluded from the feed.
- ClamAV Malware Database (clamav_db) - This dataset contains malware signatures that are used to detect malware in images.
These datasets are refreshed by pipelines that run every 6 hours.
Data Syncer Service Design
Anchore Enterprise includes a service, called the Data Syncer Service, that is responsible for syncing the datasets from the Anchore Data Service and making them available for use by the rest of Anchore Enterprise.
The following FQDN needs to be allowlisted in your network to allow the Data Syncer Service to communicate with the Anchore Data Service:
https://data.anchore-enterprise.com
Authentication for this service is provided by your Anchore Enterprise license. No additional credentials are required.
To learn more, please review the Data Syncer Service Configuration doc.