The Snyk Service Broker for Tanzu enables developers to easily scan and protect their applications from known vulnerabilities.
The Snyk Broker for Tanzu tile installs the Snyk service broker as an app, registers it as a service broker on Tanzu, and exposes its service plans to the marketplace. This allows users to directly create service instances and bind them to their applications either from Tanzu Apps Manager or from the command line.
Once the Snyk service is bound to an application, Snyk scans the app for known vulnerabilities every time “cf push” is performed and can reject the deployment of vulnerable application or container artifacts. If the Snyk monitor flag is enabled, Snyk continuously monitors your app and alerts you to new vulnerabilities. The scan results are available as part of the “cf push” output and in Snyk’s dashboard.