GitGuardian, a company specialising in secrets detection and remediation, has launched an industry-first partnership with CyberArk, a leader in identity security and secrets management. The collaboration establishes an all-encompassing solution to fortify secrets and non-human identities by equipping the secrets manager or vault with automated detection and remediation of leaks.
The combined solution addresses the issue of "Secrets Sprawl" in DevOps, facilitating robust security amidst growing cloud adoption, CI/CD and third-party APIs. The provision incorporates a probing phase dedicated for unmanaged secrets, in addition to real-time remediation loops.
According to Eric Fourrier, Co-founder and CEO of GitGuardian, "We're excited to partner with CyberArk, the leader in secrets management and identity security. As we all know - too often, it's human error and our failure to follow best practices that open up pathways for attackers. With our integration, security teams can be confident that they will be alerted when secrets are exposed and can take corrective action, drastically reducing the attack surface and improving their secrets security posture over time."
The partnership considers the unique requirements of securing secrets in the software development process. Following comprehensive application and infrastructure analysis, it has been concluded that maintaining secrets through rotation, management, and vaulting should form the basis of application security programmes. Thanks to the integration of GitGuardian and CyberArk, an additional layer of defence has been established to ensure safety in case of inadvertent human error.
The integrated offering, bridging GitGuardian Secrets Detection and CyberArk Conjur Cloud, is available as a stand-alone service and as an open-source project on GitHub. The unique solution enables security teams to detect leaks and manage their remediation. Kurt Sand, General Manager of DevOps Security at CyberArk, said, "Working with GitGuardian, we can now provide an additional layer of defense to ensure vaulted secrets remain secure by helping security teams uncover if any of their secrets have been leaked."
Key features include detecting secrets leaks in public sources and enforcing secrets management policies. The former certified by GitGuardian's unveiling of more than 20 million publicly exposed secrets on GitHub, and the latter advocated by the security team's ability to identify exposed secrets within their organisation's internal perimeter. Moreover, a continuous discovery phase and automated secret rotation when possible mark the remediation process.
The innovative solution promises to establish a streamlined security system that significantly reduces the time to remediation from weeks or days to mere minutes, thereby narrowing the window for exploitation. This collaboration between GitGuardian and CyberArk Conjur symbolises a robust move towards empowering security teams to address more incidents, as well as freeing developers to focus on what they love the most – writing code.