BeyondTrust expands PAM offering for devops environments
Launches DevOps Secrets Safe to strengthen credential protection in DevOps environments
BeyondTrust, the worldwide leader in Privileged Access Management (PAM), announced the release of DevOps Secrets Safe to help organisations store, access and audit secrets and privileged credentials used by applications, tools and other non-human identities. The enterprise-level solution is designed for the high-volume and high-change workloads found in DevOps environments.
This expansion in BeyondTrust’s product portfolio addresses a significant challenge for enterprises and mid-market companies—safeguarding the “unmanageable number” of credentials and secrets used in DevOps workflows, according to Dan DeRosa, senior vice president of product management at BeyondTrust.
“BeyondTrust is always evolving our product portfolio to better equip customers with the privileged access management solutions they need to meet the challenges of credential administration,” DeRosa said. “DevOps Secrets Safe is a highly scalable solution that adapts to the speed and agility required in dynamic DevOps workflows. It will help organisations limit the risk associated with substantial unmanaged privileged credentials and secrets without causing friction in highly dynamic environments such as DevOps.”
Companies that try to protect secrets with manual storage solutions or with the basic credential storage offered by many Continuous Integration/Continuous Delivery (CI/CD) tools are “taking a huge risk,” according to DeRosa. Typically, these solutions are not built with security as a driving factor and their use for secrets management contributes to credential sprawl and make the company, its customers and its intellectual property vulnerable.
In contrast, DevOps Secrets Safe offers capabilities that meet the stringent security requirements of enterprises:
- Secure storage and central management of credentials and secrets (e.g., passwords, API keys, certificates) for DevOps workflows, without the need to embed or hardcode passwords or other secrets within code or scripts
- Scalable, fault tolerant, and highly available, the solution is built on Docker containers targeting Kubernetes for deployment
- A REST API-first approach and a CLI tool for easy API interaction support the way developers work today
- Audit trail of all secrets operations and ability to audit the entire secrets lifecycle