Security Processes and Stemcells
This section explains how Pivotal responds to security vulnerabilities, and how it tests and updates its stemcells, the versioned operating systems that its products run on.
Pivotal Cloud Foundry Security Overview and Policy: Pivotal’s responsible disclosure and vulnerability response procedures for the Pivotal Cloud Foundry (PCF) platform.
PCF Testing, Release, and Security Lifecycle: How Pivotal’s practices, tools, and organizational structures work together to create and support stable releases of PCF.
Understanding Floating Stemcells: How PCF automatically upgrades all compatible products when a new stemcell is available.
Windows Stemcell Hardening: The settings for Local Group Policy and Local Security Policy that Pivotal incorporates into its Windows 2012 stemcells to optimize security.
Linux Stemcell Hardening: How Pivotal secures Linux stemcells through regular testing and minimizing their surface of vulnerability.