Pivotal has rolled out the beta release of a new Compliance Scanner for Pivotal Cloud Foundry (PCF). With this, it will become easier for customers to assess compliance across the PCF platform by scanning all BOSH-managed virtual machines against industry-recognized guidelines for secure configurations.
The idea is to help minimize the time between releases and also speed up the availability of new features and improvements, Jared Ruckle from Pivotal explains in a blog post.
Going from idea to production can take less than a day with PCF, but because most third-party security and compliance scanners are not tuned for BOSH/Cloud Foundry stemcells, it often takes much longer to receive the green light from the compliance team.
With the new Compliance Scanner for PCF, the bundled test suites are tuned for stemcells, and deliver the same confidence as external scanners by meeting industry-recognized SCAP standards.
Moreover, compliance teams can get a full report on the compliance posture of the entire platform in just a few clicks, and give developers the green light to go to production.
The Compliance Scanner for PCF includes the OpenSCAP scanner for the actual scanning; tests written by Pivotal Compliance Innovation in YML; and XGen (XCCDF Generator), which translates the YML tests to XCCDF-formatted XML, as defined by the SCAP standard.
The team plans to post the scanner on PivNet in the coming weeks.