Tanzu Talk: DevSecOps for US Federal agencies (FIPs, STIGs, auditors, AOs, and all that)

January 21, 2021

When Federal people ask to secure a DevOps app creation and delivery process, what do they mean? Chris Willis joins Coté in this episode to answer that question with a #vmwaretanzu customer example: the Tanzu Build Service, buildpacks, Tanzu Application Service (Pivotal Cloud Foundry), and other components. He covers FIPS encryption requirements, STIGs, working with the authorizing official, and the overall practices and culture-think for securing build pipelines. Get a free consultation on DevSecOps with Tanzu Labs: https://tanzu.vmware.com/office-hours?utm_source=cote&utm_medium=video&utm_campaign=TanzuTalk&utm_content=FedDevSecOps Free Forrester paper on container security: https://tanzu.vmware.com/content/analyst-reports/best-practices-for-container-security?utm_source=cote&utm_medium=video&utm_campaign=TanzuTalk&utm_content=FedDevSecOps Explainer of VMware Tanzu’s DevSecOps Tools: https://tanzu.vmware.com/content/webinars/jan-14-three-essentials-for-delivering-containers-at-scale-a-real-devsecops-approach?utm_source=cote&utm_medium=video&utm_campaign=TanzuTalk&utm_content=FedDevSecOps

Previous
How VMware IT Runs Modern Applications Better and Faster
How VMware IT Runs Modern Applications Better and Faster

  by Varinder Kumar, Senior IT Director Manas Singh, IT Manager—Application Platforms, and Pervinder Sudan,...

Next Video
Tanzu Talk: DevSecOps Buzzword Check (plus, securing containers)
Tanzu Talk: DevSecOps Buzzword Check (plus, securing containers)

What problem is DevSecOps solving? Was DevOps not secure already? In this video, I go over my understanding...