DevSecOps with Confidence

September 4, 2020

How to ship code faster in production without sacrificing security? How to maintain consistency in CI/CD pipelines with growing fragmentation of Kubernetes? These are quintessential challenges faced by enterprises. DevOps practitioners need a mental model & actionable toolset to build robust software delivery pipelines. Security of containers starts with a secure base image. Tanzu Build Service automates code-to-container workflows. Rebase without a rebuild delivers CVE fixes at scale. Harbor is embedded in the CI/CD pipeline to further secure images with RBAC, scan for CVEs & sign images as trusted. Traffic management in Tanzu Service Mesh helps with canary deployments. Metrics driven canaries, Testcontainers and API contracts help improve reliability of pipelines. We’ll demonstrate a GitOps based path to prod using Argo. Come to this session to learn how Tanzu simplifies DevSecOps. Maria Gabriella Brodi: Sr. Solution Engineer at VMware Prasanna Upperi: Senior Platform Architect at VMware Slides: https://www.slideshare.net/Pivotal/devsecops-with-confidence

Concourse for VMware Tanzu Is Now Packaged and Optimized for Platform Automation

The new platform automation release of Concourse for VMware Tanzu is now generally available.

Getting Started with VMware Tanzu Build Service 1.0

Learn how to deploy Tanzu Build Service locally on Kubernetes, then use it to build a new, custom application.

Why Tanzu

Paving the Road to Modern Apps

Tanzu Application Platform

Tanzu for Kubernetes Operations

Build apps

Modernize apps

Build your platform

Get started with VMware Tanzu

Developer Center

KubeAcademy

DevSecOps with Confidence

Previous

Next

DevSecOps with Confidence

Previous

Next

Related content in this Stream

The ability to respond to user feedback and ship new application code to production quickly and safely are hallmarks of successful digital enterprises. Continuous integration and continuous delivery (

There's been a lot of talk about controlling cloud costs by bringing workloads back to the datacenter, you know, private cloud. The three of us discuss what's going on here. Also, surveys...

There's been a lot of talk about controlling cloud costs by bringing workloads back to the datacenter, you know, private cloud. The three of us discuss what's going on here. Also, surveys consistently

There's a lot going on in the build, pipeline, CI/CD, supply chain space - so much so that there's all these phrases for the concept. Dagger.io is taking stab (hahahahah...) at builds and...

Tekton is a powerful and flexible open-source framework for creating CI/CD systems, allowing developers to build, test, and deploy across cloud providers and on-premise estates. Cloud-native and built

Don’t have real CI/CD in place? Check out the Tanzu Application Platform: https://tanzu.vmware.com/application-platform?utm_source=cote&utm_campaign=devrel&utm_content=14hurdlesPlatformNoCICD 14 Digi

Think you're doing frequent app releases and CI/CD? Maybe you're amazing! Survey says: probably not! After having some salad with my daughter and I, look baseline of what agile looks like for large or

Software supply chains are the evolution of CI/CD that will enable a smooth path to production.

Cartographer is an exciting new OSS project that elegantly addresses the difficulty of integrating various CI/CD tools to create secure and comprehensive pipelines. Join us as Cora Iberkleid and David

Looking for a build pipeline for your kubernetes apps? Check out this demo of the open source Cartographer project. Cartographerallows you to create secure and reusable supply chains that define all

You’re probably not doing CI/CD, maybe not even CI! If you’re going all kubernetes and cloud native, you need to solve that problem BEFORE DOING ANYTHING ELSE. It’s a good reason to check out VMware T

When you’re new to an industry, you encounter a lot of new concepts. This is especially true with DevOps, a fairly young corner of tech where things move very quickly, by design. Some of the concepts

Security as Code (SaC) is the methodology of codifying security tests, scans, and policies. Security is implemented directly into the CI/CD pipeline to automatically and continuously detect security v

Automated testing is a crucial step in modern software development. A quality automated test suite enables rapid development and deployment practices like CI/CD by providing a stable quality check bef

This video demonstrates how to integrate VMware Tanzu Build Service into continuous integration and continuous delivery (CI/CD) pipelines using Azure DevOps and Harbor. The sample code for the video

tanzu.tv/tt/64 Software development has changed dramatically in recent years; no longer can you afford to say, “That’s how we’ve always done it.” Applications are evolving rapidly, which requires y

We are always talking about new exciting technologies and which problems they solve at a higher level! But do you really know why there is a need for microservices architectures, DevOps, CI/CD, and mo

VMware Tanzu Build Service 1.1, now generally available, adds image signing capabilities, CLI enhancements, and beta support for Windows to accelerate containerization at scale.