Related content in this Stream
Trivy can now utilize CSAF VEX data to filter out false positives in CVE reports, maximizing the value of VEX documents in VMware Tanzu Application Catalog.
Bitnami-packaged open source software container images available in DockerHub are now signed by Notation, an implementation of the Notary Project specifications and a CNCF-incubating project.
There are many tools in the market to facilitate the deployment of open source software as containers in an air-gapped environment. But deploying open source software as Helm charts in an air-gapped e
Welcome to another edition of What’s new with Tanzu Application Catalog. This is a quarterly round up of all things related to Tanzu Application Catalog.
Learn how you can gain deep visibility into your open source software supply chain with the Software Package Data Exchange (SPDX) standard software bill of materials (SBoM) from Tanzu Application Cata
Tanzu Application Catalog now enables enterprises to meet data residency and data localization requirements while working with open source software.
Tanzu Application Catalog (an enterprise version of Bitnami Application Catalog) is a catalog of trusted, continuously maintained, and verifiably tested open source software images that is custom-buil
With Tanzu Application Catalog, enterprises can get open source software that is customized per their requirements, fully ready to be deployed, easy to use, and built on a SLSA L3 pipeline.
A new technology research paper by CCS Insight sheds light on the challenges enterprises face using open source software and offers insights into the value provided by Tanzu Application Catalog.
Reducing the number of CVEs in software is an important practice. But if compliance adherence becomes an obsession, bad practices that lower software quality will be adopted to achieve it.
Tanzu Application Catalog extends its software supply chain security capabilities by leveraging Notation for signing and verifying production-ready open source software artifacts.
Tanzu Application Catalog now ships multi-architecture container images, supporting both ARM64 as well as x86-64.
Learn about Kubeapps, one of the open source projects the VMware Bitnami team contributes to, and how you can use it to simplify your Kubernetes application deployments.
With VEX, SBoMs, and CVE scan results, Tanzu Application Catalog provides as a centralized source of truth where you can, not only get customizable, trusted and verified OSS applications and...
In a previous article, we explained how to use Sealed Secrets with existing Secrets. This approach is totally valid if you are trying to deploy Sealed Secrets in your cluster. However, this could...
VMware Tanzu Application Catalog now comes with several exciting new features like VEX documentation, ARM support, and graphical SBOMs, to help customers better manage security risks and...
The Kubernetes value line is becoming more clear as use cases start to coalesce around application development and delivery.
Open source software is the cornerstone of the modern application development process. The key to using open source responsibly is to ensure those apps are being built reliably, safely, securely, and