Synopsys Seeker IAST Service Broker for PCF
WARNING! The Synopsys Seeker IAST Service Broker for PCF tile is currently in beta and is intended for evaluation and test purposes only. Do not use this product in a PCF production environment.
This documentation describes the Synopsys Seeker IAST Service Broker for Pivotal Cloud Foundry (PCF). The Synopsys Seeker IAST Service Broker for PCF enables developers to add interactive application security testing (IAST) in PCF deployments. Synopsys Seeker gives unparalleled visibility into your web app security posture and identifies vulnerability trends against compliance standards, for example, OWASP Top 10, PCI DSS, and CWE/SANS.
The Synopsys Seeker IAST Service Broker for PCF registers a service broker with PCF and exposes its service plans on the Marketplace. Developers can then create service plan instances using Apps Manager or the Cloud Foundry Command Line Interface (cf CLI) and bind them to their apps.
Creating a Synopsys Seeker service instance and binding it to an app allows the Seeker agent to be deployed with your PCF app during deployment. The Seeker agent uses instrumentation techniques and runtime analysis to continuously monitor, identify, and verify security vulnerabilities in web apps.
Typically, Seeker analysis is executed during the test or QA stage of the software development life cycle.
Using the Synopsys Seeker IAST Service Broker for PCF, you can:
- Import the Synopsys Seeker IAST Service Broker into your Marketplace.
- Provide the Seeker Service for any PCF app.
- Bind the Seeker agent to any app running on PCF.
- Automate the Seeker agent injection during deployment.
- Provide IAST capabilities in your PFC environment, which accurately identifies and verifies vulnerabilities.
The following table provides version and version-support information about Synopsys Seeker IAST Service Broker for PCF.
|Release date||July 09, 2019|
|Compatible Ops Manager version(s)||v2.3.x, v2.4.x, v2.5.x, and v2.6.x|
|Compatible Pivotal Application Service version(s)||v2.3.x, v2.4.x, v2.5.x, and v2.6.x|
|BOSH stemcell version||Ubuntu Xenial|
Synopsys Seeker IAST Service Broker for PCF has the following requirements:
- A licensed version of Synopsys Seeker. Contact our software security expert to request a license.
The Synopsys Seeker IAST Service Broker is Licensed under the Synopsys End User Software License and Maintenance Agreement Version 2019.1.