You develop and deploy software in the cloud with Pivotal Cloud Foundry (PCF), deploying rapidly and depending on the reliability of PCF to turn applications at scale. But container security is a painful and time-consuming process. You need a solution that will integrate seamlessly with your cloud environment and manage security automatically. Black Duck by Synopsys provides a PCF service broker, which automatically scans and monitors the contents of your PCF droplets for open source risk, such as known security vulnerabilities or policy violations.
You can also find Black Duck on VMware Cloud Marketplace™.
VMware Cloud Marketplace™ enables you to discover and deploy validated third-party solutions for public, hybrid, and private clouds. With Black Duck on VMware Cloud Marketplace™, you can easily deploy Black Duck to manage all open source software risks in your applications or containers.
Easily install the Black Duck Service Broker from the Pivotal Network.
Ensure the security of all open source in your droplets using Black Duck’s PCF service broker.
Black Duck will monitor your code and alert you to newly reported open source vulnerabilities.
Integrate open source scans directly into CI/CD pipelines to increase speed and agility while ensuring security and compliance.