BOSH Stemcells and vulnerability scanning

Jonathan Stockley

Hi, before deploying/upgrading a stemcell in production our security group runs vulnerability scans on our staging deployments.
The problem is that by the time we get the stemcell into staging (about a 4-6 weeks), they have updated the vulnerability database and then there scan find new issues.

How often are people upgrading stemcells in production?
How do you handle vulnerability scanning of BOSH deployed apps?
How about How do they address this?


Join to automatically receive all group messages.