Using Tanzu Observability (formerly Wavefront) to monitor security events, anomalous behavior, and compliance metrics in real-time. 3. Implementing DevSecOps: Step-by-Step
Orchestrates containers across multi-cloud environments, ensuring consistent, hardened Kubernetes environments 1.2.3.
"DevSecOps in Practice with VMware Tanzu" (published January 2023) provides a comprehensive guide to automating security across the software supply chain using tools like Tanzu Build Service and Tanzu Mission Control. The resource focuses on implementing "intrinsic security," shifting security left to build, run, and manage compliant applications. Access the Packt Publishing eBook for the full text. DevSecOps in Practice with VMware Tanzu - Packt devsecops in practice with vmware tanzu pdf
Organizations can also harden the Tanzu Application Platform by setting up remote authentication providers, using firewalls or VPNs, and leveraging networking security measures. The Tanzu Developer Portal, built on Backstage, provides an internal developer portal that simplifies how teams coordinate, collaborate, and execute across multiple business units.
Tanzu Application Platform includes security practices such as container image vulnerability scanning earlier in the path to production. The Supply Chain Security Tools (SCST) framework provides scanning and gatekeeping capabilities that application and DevSecOps teams can incorporate early in their development lifecycle—a best practice for reducing security risk and ensuring more efficient remediation. "DevSecOps in Practice with VMware Tanzu" (published January
Implementing DevSecOps is not merely about buying a set of tools—it is a cultural and technical transformation. VMware Tanzu provides the building blocks to make this transformation practical.
With Tanzu, Jane's team achieves significant benefits: DevSecOps in Practice with VMware Tanzu - Packt
Here are the 3 key takeaways from the PDF: