Today we are announcing the next step in the evolution of VMware Tanzu Application Catalog. Since its initial availability in March 2020, Tanzu Application Catalog has seen notable success due to its unique DevSecOps approach, which caters to the needs of developers, security admins, and IT operators. Tanzu Application Catalog offers a library of prepackaged, validated, production-ready open source container images that can be customized using base OS images of any customer’s choosing.

When measuring the success of large-scale transformations—particularly in the technology space—it’s natural to look at hard metrics, such as cycle time, mean time to recovery (MTTR), and so on. In IT, for example, hard metrics are what we do all day long. But within any organization, change is ultimately personal. In my experience, relying exclusively on hard numbers often leads you to ignore the human side of transformation, and sometimes even action the wrong things.

DevSecOps combines the responsibilities of development, security and operations in order to make everyone accountable for security in line with the ongoing activities conducted by development and operations teams. DevSecOps tools serve to assist the user in minimising risk as part of the development process and also support security teams by allowing them to observe the security implications of code in production.

DevOps Loop at VMworld, a new community event launched this year, set out to examine DevOps and its core principles in the context of modern apps, multi-cloud, and Kubernetes. We pulled in all the experts—those folks on the ground living and breathing DevOps—to share their viewpoints. And the day was AWESOME. All the sessions are available to view (or view again) on demand. I’m always surprised by how much I miss on the first pass.

It's time to break down the silos separating SREs from security engineers.