This documentation describes the Synopsys Seeker IAST Service Broker for VMware Tanzu. Synopsys Seeker IAST Service Broker for VMware Tanzu enables developers to add interactive application security testing (IAST) in VMware Tanzu deployments. Synopsys Seeker gives unparalleled visibility into your web app security posture and identifies vulnerability trends against compliance standards, for example, OWASP Top 10, PCI DSS, and CWE/SANS.
Overview
Synopsys Seeker IAST Service Broker for VMware Tanzu registers a service broker with VMware Tanzu and exposes its service plans on the Marketplace. Developers can then create service plan instances using Apps Manager or the Cloud Foundry Command Line Interface (cf CLI) and bind them to their apps.
Creating a Synopsys Seeker service instance and binding it to an app allows the Seeker agent to be deployed with your VMware Tanzu app during deployment. The Seeker agent uses instrumentation techniques and runtime analysis to continuously monitor, identify, and verify security vulnerabilities in web apps.
Typically, Seeker analysis is executed during the test or QA stage of the software development life cycle.
Key Features
Using the Synopsys Seeker IAST Service Broker for VMware Tanzu, you can:
- Import the Synopsys Seeker IAST Service Broker into your Marketplace.
- Provide the Seeker Service for any VMware Tanzu app.
- Bind the Seeker agent to any app running on VMware Tanzu.
- Automate the Seeker agent injection during deployment.
- Provide IAST capabilities in your PFC environment, which accurately identifies and verifies vulnerabilities.
Product Snapshot
The following table provides version and version-support information about Synopsys Seeker IAST Service Broker for VMware Tanzu.
| Element | Details |
|---|---|
| Version | v1.3.2 |
| Release date | December 23, 2019 |
| Seeker | 2018.09+ |
| Compatible Ops Manager version(s) | v2.4.x, v2.5.x, v2.6.x, v2.7.x, and v2.8.x |
| Compatible VMware Tanzu Application Service for VMs version(s) | v2.4.x, v2.5.x, v2.6.x, v2.7.x, and v2.8.x |
| BOSH stemcell version | Ubuntu Xenial |
Requirements
Synopsys Seeker IAST Service Broker for VMware Tanzu has the following requirements:
- A licensed version of Synopsys Seeker. Contact our software security expert to request a license.
Feedback
If you have a feature request, questions, or information about a bug, please email VMware Tanzu Feedback list or contact Synopsys Support.
License
Synopsys Seeker IAST Service Broker is Licensed under the Synopsys End User Software License and Maintenance Agreement Version 2019.1.
