Attention
The Feed Service has been EOL’ed in v5.10.0. Enterprise no longer supports running a separate feed service. It has been replaced by the Data Syncer Service. Details of this new service are below.Overview
Anchore Data Service
Anchore operates a hosted service called the Anchore Data Service that serves pre-built datasets to customer Enterprise deployments.
Anchore Data Service manages three datasets:
- Vulnerability Database (grypedb) - This dataset contains vulnerability data from the following sources:
- Alpine
- Amazon Linux
- Anchore Exclusions (CVEs that Anchore has excluded from the feed)
- Chain Guard
- Debian
- Github
- Mariner
- MSRC
- NVD (Including the Anchore Enhancements)
- Oracle
- RHEL
- SLES
- Ubuntu
- Wolfi
- ClamAV Malware Database - This dataset contains malware signatures that are used to detect malware in images.
- CISA Known Exploited Vulnerabilities (KEV) - This dataset contains vulnerability annotations that are used to provide additional context to vulnerabilities.
These datasets are refreshed by pipelines that run every 6 hours.
Access and Authentication
The following two FQDNs need to be allowlisted in your network to allow the Data Syncer Service to communicate with the Anchore Data Service:
https://data.anchore-enterprise.com
https://s3.us-west-2.amazonaws.com/enterprise-data-service.production.anchore.io
Authentication for this service is provided by your Anchore Enterprise license. No additional credentials are required.
Enterprise Data Syncer Service
Anchore Enterprise includes a service, called the Data Syncer Service, that is responsible for syncing the datasets from the Anchore Data Service and making them available for use by the rest of Anchore Enterprise.
Design
