Luboš Blažek
anchoreSpeed or Security? The mission requires both.
Automation is the only way to move at high velocity while maintaining a hardened posture.
Check out the top STIG tools for 2025.
https://anchore.com/blog/top-stig-compliance-tools/
Don't be the security blocker 🚫
Waiting for a scan in staging is too late. By then, the developer has moved on. Learn how to catch STIG violations before the image ever leaves the pipeline with insights from Jono Bergquist on our blog.
🛑 Stop treating your containers like tiny servers.
If you are SSH-ing into a container to scan it for STIGs, you're doing it wrong. We break down how to handle compliance the cloud-native way.
Manual security checks are the enemy of speed
If you are still manually editing .ckl files, you are losing the battle. Automation is the only way forward for #DoD software factories.
See why in our latest post: https://anchore.com/blog/top-stig-compliance-tools/
GF493D@Black_Flag I redit. Thankfully I hav no memry of its content. #stig #80s It becam quite an insult @ our skool 2b called #Stig maybe stil is?
Compliance isn't about creativity. It's about auditability. 📝
"We write the SAF rules to follow the STIG profile 'as written'... You are being held accountable to the profile." @AaronLippold.
Read how @MITREcorp SAF handles automation: https://anchore.com/blog/stig-in-action-4-lessons-on-automating-compliance-with-mitre-saf/
Stop checking files. Start interrogating systems. 🔍
Old tools like SCAP do static analysis. @AaronLippold (@MITREcorp) explains why modern compliance demands real system interrogation to prevent insecure deployments.
Get the details: https://anchore.com/blog/stig-in-action-4-lessons-on-automating-compliance-with-mitre-saf/
"Immutable" containers aren't always immutable. 🛠️
Ops teams still log in. Configuration drift happens. @joshbressers explains why scanning running production containers is critical for maintaining your ATO.
Full interview here: https://anchore.com/blog/stig-in-action-4-lessons-on-automating-compliance-with-mitre-saf/
Security shouldn't be a black box. 📦
We chatted with @AaronLippold from @MITREcorp about why SAF is open source: "It was built to solve a problem for everybody, not just us."
Read why collabs beat monetization in our latest blog: https://anchore.com/blog/stig-in-action-4-lessons-on-automating-compliance-with-mitre-saf/