TAP 1.6 – CVE Triage Flow

July 31, 2023

TAP has many features which help with securing our software supply chain.

One of the key elements of security is obviously source code and image scanning which TAP has had since GA, but as we all know, finding the vulnerabilities is one thing, but how to triage these found vulnerabilities is an entire beast in it of itself, and this is actually where a lot of the true pain lies.

As per the documentation:

The new Triage feature of Tanzu Application Platform allows you to store vulnerability analysis information alongside the current data handled by SCST – Store. Using the Tanzu Insight CLI, users can now perform basic triaging functions against any detected vulnerabilities. The main objective is to reduce spreadsheet and tool toil by centralizing CVE scanning, identification, and triaging in one place.

Click here to continue reading this post at vrabbi.cloud

Associated Content

home-carousel-icon From the action bar MORE button.

Filter Tags

Tanzu Blog Community Content

Scott Rosenberg

Read More from the Author

With a wealth of experience in the realms of Cloud and Automation, Scott currently holds the prestigious position of Lead Architect in the CTO Office at TeraSky. His expertise spans from traditional legacy datacenters to innovative public cloud technologies and the cloud native ecosystem. Specializing in bridging the gap for customers, Scott eases their transition into the new era of digital transformation.