Anchore includes a full featured policy language, which can be used to customize security, best-practices and other checks to evaluate images against.  Policy evaluation generates a report against an input image which can be used by itself, or as a control mechanism when integrated with a CI/CD framework.  For more information on using Anchore's policy features, see the Anchore Policies section of the documentation.