Tanzu Talk: Secure DevSecOps for US Federal agencies (FIPs, STIGs, auditors, AOs, and all that)

When Federal people ask to secure a DevOps app creation and delivery process, what do they mean? Chris Willis joins me in this episode to answer that question with a #vmwaretanzu customer example that does all the DevSecOps stuff: the Tanzu Build Service, buildpacks, Tanzu Application Service (Pivotal Cloud Foundry), and other components. He covers FIPS encryption requirements, STIGs, working with the authorizing official, and the overall practices and culture-think for securing build pipelines.

Get a free consultation on DevSecOps with Tanzu Labs.

Free Forrester paper on container security.

Explainer of VMware Tanzu’s DevSecOps Tools.