Tanzu pipelines support DAST tools that probe the running application for vulnerabilities (e.g., SQL injection, cross-site scripting) in a staging environment. This ensures that runtime behavior matches security expectations.
– You’ll need your own Tanzu cluster, which can be heavy for local testing.
In a Tanzu pipeline, Static Code Analysis is injected during the build phase. Before the container image is constructed, the code is scanned for secrets, syntax errors, and known vulnerability patterns.