I am excited to announce we have just launched DevOps Secrets Safe v20.2, expanding on the BeyondTrust portfolio's secrets management capabilities. DevOps Secrets Safe is a solution for centralized secrets administration (create, store, access, and audit) designed for the high volume and dynamic workloads found in DevOps environments. DevOps Secrets Safe helps organizations secure credentials and other secrets (passwords, API keys, certificates, etc.) used in their continuous integration and continuous delivery (CI/CD) tool chain, applications, automated processes and other non-human identities.
We have designed DevOps Secrets Safe for enterprise teams committed to DevOps best practices and dedicated to applying secure solutions at every step of the process. The solution’s architecture leverages the full stack of Kubernetes as the DevOps deployment platform of choice. This allows our customers flexibility in deployment to meet their business needs, whether it is to use their preferred cloud provider or to deploy on-premises. Most importantly, we can help our customers meet their complex enterprise security and compliance requirements, in a cost-effective way. Here are highlights of the release:
As infrastructure is deployed to support your DevOps workflows, there is often a need to create either default or specific application accounts. It’s important to initialize these accounts with unique, secure credentials, even during a fully automated build process. DevOps Secrets Safe can now generate policy-based secrets that comply with strict security requirements as part of your automated build pipeline.
Generating a password or credential for these newly created accounts helps to mitigate the practice of embedding static credentials in applications, tools, or source code. We accomplish this by creating a secret that can be dynamic and managed within DevOps Secrets Safe solution.
Azure DevOps Integration
Native integrations are a key component of allowing DevOps teams to easily consume DevOps Secrets Safe services from their CI/CD tools. Adding to the list of native integrations, Azure DevOps marketplace now has a DevOps Secrets Safe integration that can be used as a task for secret retrieval during a build pipeline, helping to secure your build process and increase the agility of your toolset.
We have built DevOps Secrets Safe with the goal to be vendor-agnostic across various aspects of the solution, including deployments, audit, and the back-end database that supports persistent storage of secrets and configurations. We have extended our supported back-end databases to include Microsoft SQL Server. Simply define MSSQL at deployment and utilize your existing enterprise database infrastructure to meet all your speed, scale, and resiliency requirements.
DevOps Secrets Safe includes a convenient CLI wrapping the REST API for administration of the solution. This CLI is now even easier to use and navigate with the addition of bash-completion, providing easy, application-specific command completion.
For more information about DevOps Secrets Safe, download the datasheet, browse the Release Notes, or contact us.
BeyondTrust DevOps Secrets Safe (solutions page).
Protecting DevOps Credentials: The Critical Initial Steps (blog)
Jason Jones, Director, Product Management
Jason has been building business applications and software products going on 15 years. With a background in Development, QA, Product Management, and wearing as many hats as possible at a medical startup, he has extensive experience with the entire product lifecycle. Jason has been working on BeyondTrust products for the past 10 years and has a primary focus on our Privileged Password and Session Management solutions.