In the world of software, containers are changing everything. We can build and deploy applications rapidly and flexibly. We can deploy in the cloud; we can scale with incredible reliability. Entire industries are evolving to empower organizations to move from traditional application development to cloud environments with full scale container deployments. Pivotal has emerged as a leader with Pivotal Cloud Foundry (PCF). PCF tools provide speed and reliability to run applications in the cloud at enterprise scale.
Containers and cloud deployments are changing the world of software security as well. In container deployments, components are comprised of primarily open source — at every layer, from the operating system to the application itself. As teams release faster, they continuously add new components. Meanwhile, an average of ten open source vulnerabilities were disclosed per day in 2016. In this rapidly changing environment it becomes incredibly difficult to understand which applications are impacted by vulnerabilities.
Black Duck Hub and Pivotal Cloud Foundry Integrate
Black Duck and Pivotal are working to solve this for you. Starting today, PCF customers can automatically scan droplets as they are instantiated with the Black Duck Hub Service Broker. The Hub Service Broker inventories all open source in your droplets and identifies any vulnerabilities. This simple tool can ensure that all your droplets have been reviewed. Armed with that knowledge, you can assess and remediate any vulnerabilities to ensure safe deployment of your PCF applications. And because Black Duck Hub continuously monitors the images you’ve scanned, you’ll be alerted when any newly reported open source vulnerabilities are found within your droplets.
Fast and Secure Cloud Development and Deployment
Black Duck and Pivotal have collaborated to integrate Black Duck Hub and Pivotal Cloud Foundry to deliver a Secure DevOps process and user experience for building and deploying applications to Pivotal Cloud Foundry.
- Pivotal enterprise customers can find Black Duck as a tile on the Pivotal Network.
- Black Duck Hub Service Broker enables the integrated use of Hub with Pivotal Cloud Foundry. Black Duck Hub interacts with the Pivotal Cloud Foundry build and application deployment process to automatically scan, analyze, and monitor applications and their contents.
- Pivotal enterprise customers can automate their Black Duck scans with third-party Continuous Integration (CI) tools such as Jenkins, Bamboo, Team City, and Microsoft VSTS/TFS.
For more information, check out our Pivotal partnership page.