CyberArk and Ansible automate best security practices in DevOps pipeline
Source – indiatimes.com
Mumbai, India – CyberArk that have made their way inside the network perimeter, today announced the integration of the CyberArk Conjur secrets management solution with Ansible.
Organizations benefit from automating privileged account security best practices across DevOps environments while continuing to deliver new applications at high velocity. CyberArk will demonstrate the integration at AnsibleFest 2017.
As more organizations embrace DevOps, secrets – which consist of privileged accounts, SSH/API keys, passwords, certificates and more – are proliferating throughout the IT infrastructure. As with privileged accounts, secrets can be misused or intentionally targeted and exploited by malicious attackers to commandeer IT infrastructure, bypass security controls and facilitate enterprise-wide cyber-attacks.
Secrets are often hard-coded into files or application code, unchanged or unmanaged, and are typically shared between machines, such as micro services, tools and hosts; IT personnel; external developers; subcontractors and more. This dramatically expands the attack surface of an organization and represents a soft target for attackers to exploit.
The CyberArk Conjur integration with Ansible empowers DevOps and security teams with security tools to automatically manage and better secure secrets used by Ansible. The joint solution helps automate and audit security and management tasks related to secrets used by Ansible.
The CyberArk Conjur solution is an enterprise-proven, secrets management solution that is tailored specifically for the requirements of native cloud and DevOps environments.
The solution helps organizations secure and manage secrets used by machines, such as micro services, applications, scripts, hosts, and CI/CD and configuration management tools, as well as control access and monitor activities of privileged users throughout the DevOps pipeline.