sb-nz logo
Story image

Thycotic launches DevOps Secrets Vault solution for greater cloud security

Thycotic has launched a new ‘just in time’ functionality for cloud platform access security. The DevOps Secrets Vault solution supports dynamic secrets creation for infrastructure-as-a-service (IaaS) platforms Amazon Web Services (AWS), Microsoft Azure (Azure) and Google Cloud Platform (GCP), the company states.

Using this solution, organisations can ensure dynamic secrets are automatically generated at the time of request and can be used when a user or resource, such as a configuration tool, needs a credential with an expiry time.

Dynamic secrets also enable fine-grained authorisation through cloud policies. Furthermore, DevOps Secrets Vault integrates with additional tools in the DevOps pipeline, according to Thycotic.

Utilising a cloud-based AWS architecture, DevOps Secrets Vault offers rapid deployment, elastic scalability, and is purpose-built to handle the high-speed secrets management needs of many DevOps environments.

DevOps Secrets Vault now supports secrets access for Chef and Puppet and includes software development kits (SDKs) for Ruby and .NET. DevOps Secrets Vault also integrates with Jenkins, Kubernetes, Terraform and Ansible, and includes SDKs for Java, Go and Python.

In addition, users can authenticate to DevOps Secrets Vault through AWS, Azure, GCP and Thycotic One methods. GCP support includes the ability to authenticate via service and user accounts, Google Compute Engines (GCE) and Google Kubernetes Engines (GKE).

Thycotic One enables single sign-on and two-factor authentication via both TOTP and SMS methods.

According to IDG, almost two-thirds (61%) of companies use platform-as-a-service (PaaS), 89% use software-as-a-service (SaaS), and 73% use IaaS.

The impact of lost or stolen secrets on cloud platforms ranges from temporary disruptions to critical data loss.

Thycotic states that as organisations build software and applications on cloud IaaS platforms, the DevOps tools they use to manage that process include both open-source and commercial software, plug-ins to other tools, and library dependencies.

While this can advance operations, it’s possible to have vulnerabilities or misconfigurations that leak secrets, Thycotic states.

This happens when information isn’t improperly stored in memory or on disk, sent to logging systems, or leaked to other tools or processes.

Thycotic vice president of product management Jai Dargan says, “The exponential growth of hybrid multi-cloud adoption is continuing to stress-test existing security models and conventional approaches to Privileged Access Management.

“We know that organisations will migrate workloads to AWS, Azure and GCP at record speed this year, so CISOs need to do everything they can with the available solutions they have to limit risk associated with secrets proliferation.

“DevOps Secrets Vault is a cloud-based vault that balances the security and velocity that DevOps teams require for this growing part of the enterprise attack surface.

"With dynamic secrets, we have added a just-in-time approach to secrets management that further reduces the risk of compromised credentials.”

Story image
Slack unveils new security features as remote working skyrockets
Slack has introduced new security features, integrations and certifications to its platform in response to growing security concerns as more people work remotely.More
Story image
Who are the 2020 Mimecast A/NZ partner award winners?
“We congratulate all winners for being recognised as Mimecast's top performing partners and individual across the region.”More
Story image
Fortinet unveils firewall offering for hyperscale & 5G environments
The company continues to push the boundaries of hardware-accelerated performance for security and networking convergence.More
Story image
Machine identities increasingly exploited, new research finds
Venafi, the provider of machine identity management, finds that malware attacks using machine identities doubled from 2018 to 2019, including high-profile campaigns such as: TrickBot, Skidmap, Kerberods and CryptoSink.More
Link image
How to prioritise metrics as an e-commerce CTO
E-commerce technology leaders need to track, analyze, and act on large volumes of business and system performance data. Danny Miles, the CTO of Dollar Shave Club, shares a powerful framework for thinking about and prioritizing e-commerce metricsMore
Download image
Why there's a huge push for NFV in today's enterprises
To help networking and IT professionals better understand the opportunities and challenges associated with deploying NFV technology, new research based on responses from more than 1,300 IT and networking professionals from around the world is now available. More