The Value of Image Scanning
Scanning container images for vulnerabilities and misconfigurations is one of the best ways to reduce risk and exploitability. Vulnerable images and misconfigurations pose a great threat to the entire security of your application. While it is critical to scan the CI/CD pipeline, monitoring the image posture in a dynamic environment like Kubernetes is just as important. To prevent these susceptible images from posing a security risk to your application, you must scan throughout the entire application lifecycle.
Announcing VMware Tanzu Application Platform and VMware Carbon Black Container Integration
As a part of the latest VMware Tanzu Application Platform (TAP) 1.3 release, we are excited to announce that TAP customers will now be able to integrate with and utilize the VMware Carbon Black Container vulnerability scanning capabilities. Users can now simplify the process of getting started and leverage their existing investments. Additionally, a centralized vulnerability monitoring dashboard will be introduced to aid Development teams with their pre-deployment security checks.
These new capabilities will help existing VMware Tanzu Application Platform users:
- Shift security left
- Reduce friction between security and development
- Increase efficiency across teams
- Accelerate the path to production
Image Scanning with VMware Carbon Black Container
Through seamless integration into the CI/CD pipeline and existing processes in TAP, Development teams can address vulnerabilities and misconfigurations at build, quickly and more efficiently. This increase of visibility and risk prioritization allows them to deliver applications faster, without ever compromising security.
Additionally, Security teams can identify vulnerabilities at runtime and regulate which registries and repositories are allowed in production. This enables them to easily enforce security standards and compliance by restricting container deployments to prevent running unauthorized workloads. They can automate minimum security standards and compliance requirements to align with security frameworks, such as STIG or CIS to make compliance easier than ever before.
Additional Resources
To learn more about the TAP 1.3 release, check out our press release and make sure to sign up for our upcoming webinar “What’s New with Tanzu Application Platform 1.3”. Additionally, you can learn more about VMware Carbon Black Container and how to get started here.