Operations | Monitoring | ITSM | DevOps | Cloud

DevSecOps

Vulnerability Management and DevSecOps with CI/CD

Many of the world's highest performing software development teams have adopted DevOps practices, simplifying software builds, testing, and deployment. But standard DevOps process fails to address a vital issue: security and vulnerability management. Learn how to shift security left and get your entire team onboard to maintain the security of their libraries and container images.

Seven Tips to Evaluate and Choose the Right DevSecOps Solutions

Demand for DevSecOps products has been growing strongly, as more companies realize the importance of integrating security into their DevOps pipelines. However, IT and DevOps pros who dive into the DevSecOps market looking for options quickly realize that the number of DevSecOps tools and frameworks is vast and confusing.

Delivering Container Security in Complex Kubernetes Environments

You may have noticed the VMware Tanzu team talking and writing a lot about container security lately, which is no accident. As DevOps and Kubernetes adoption continue their exponential growth in the enterprise, securing container workloads consistently is among the most difficult challenges associated with that transformation. There is a term we have been seeing—and using—a lot lately that encompasses a new way of looking at container security for Kubernetes: DevSecOps.

Barriers to DevSecOps Adoption

DevSecOps — or the merging of Ops and Security — has been at the center of discussion for the better part of the outgoing decade. Today, the complexity of infrastructure change, demands security and DevOps teams to work together more efficiently. But there are hurdles to adoption of DevSecOps as a methodology. Cloud-native applications often live in multiple clouds across data centers, co-location, and public clouds.

Tanzu Talk: DevSecOps for US Federal agencies (FIPs, STIGs, auditors, AOs, and all that)

When Federal people ask to secure a DevOps app creation and delivery process, what do they mean? Chris Willis joins Coté in this episode to answer that question with a #vmwaretanzu customer example: the Tanzu Build Service, buildpacks, Tanzu Application Service (Pivotal Cloud Foundry), and other components. He covers FIPS encryption requirements, STIGs, working with the authorizing official, and the overall practices and culture-think for securing build pipelines.

Three Transformations Powering App Modernization

The pandemic has accelerated digital business initiatives. Ultimately, it’s the application that delivers new capabilities to customers and employees; but transformation occurs at several layers to support those applications. At VMware, we see our customers navigating three transformations, each of which supports digital business and app modernization at different levels.

Embrace DevSecOps for Modern Apps with VMware Tanzu Advanced Edition

As enterprises prioritize application modernization initiatives, moving rapidly to adopt containers and cloud native patterns, VMware is pleased to announce the availability of VMware Tanzu Advanced edition. VMware Tanzu Advanced meets the moment. It simplifies and secures the container lifecycle, enabling teams to accelerate the delivery of modern applications across multiple clouds—a real DevSecOps approach.