It is my pleasure to announce the release of BeyondTrust DevOps Secrets Safe. DevOps Secrets Safe provides secure, centralized management and auditing of secrets and other privileged credentials used by applications, tools, and other non-human identities. The solution is purpose-built to meet the demands of the high-volume and high-change workloads found in DevOps environments.
The DevOps Secrets Safe architecture and deployment model help organizations to reduce the security and compliance risks associated with secrets sprawl, while enabling the peak agility and performance needs of DevOps. Here are highlights of the release:
Securely Store & Retrieve Secrets
DevOps Secrets Safe automates the secure storage and access of secrets of any kind: API Keys, Passwords, Certificates, etc., used by applications, tools, and other non-human identities, in a centralized safe. The secure, central repository means you can eliminate the need for multiple secrets management approaches using separate tools. The solution also enables organizations to control access to applications and systems with the same granularity you would a human user. This centralized, holistic approach to DevOps secrets management also enables the uniform application of policies and the reduction of management effort, helping enhance both security and productivity.
DevOps Secrets Safe securely and consistently manages the entire lifecycle of DevOps secrets within enterprises, including authentication, authorization, and comprehensive auditing.
Treat Applications as Identities
In the context of secrets management, applications and machines are nonhuman consumers of secrets. Applications assume privileged access in automated workflows, so it is critical that they are identified, authorized, and audited. This feature enables the automated administration of applications as identities and the audit of secrets access.
High Availability & Performance
Organizations must meet security standards around privileged access management in all areas, including traditional IT and highly elastic DevOps environments. These requirements are best addressed by enterprise-class solutions that offer uncompromising security and stability, while enabling the speed and agility required by DevOps workflows. DevOps Secrets Safe’s architecture and deployment model helps organizations to meet these stringent resiliency, scalability, and performance requirements, out-of-the-box. The DevOps Secrets Safe architecture is based on microservices built on Docker containers and targeting Kubernetes as a deployment platform. This modern application architecture provides a highly scalable, fault-tolerant deployment.
Comprehensive Audit Trail and Recordkeeping
Organizations must meet compliance requirements around privileged access. A complete, readily accessible audit trail is generated by DevOps Secrets Safe for log aggregation of all secrets and credential operations. This approach leverages the enterprise aggregator tools and helps to demonstrate compliance with security policies and regulations. Customers also have the ability to audit the entire secrets lifecycle.
Native Integrations with DevOps Toolchain
An effective secrets management solution that truly enables DevOps agility leverages native integrations with common DevOps tools. DevOps Secrets Safe supports integrations with a number of tools, such as Ansible, Jenkins, and Azure DevOps, and has a simple REST interface for broad integration support.
REST-API First Approach and Command Line Interface (CLI) UX
Developers continuously strive to deliver code faster. Their agile workflows may be disrupted by security tools that work counter to their practices, slowing down productivity. DevOps Secrets Safe is designed to enable the agility sought by DevOps teams by providing a REST API-first approach. This enables DevOps workflows with full application coverage for peak agility. As the preferred UX for developers, providing a CLI tool for administration and easy API integration enables faster solution deployment and adoption. This increases velocity and agility in the DevOps pipeline.
Jason Jones, Senior Product Manager
Jason has been building business applications and software products going on 15 years. With a background in Development, QA, Product Management, and wearing as many hats as possible at a medical startup, he has extensive experience with the entire product lifecycle. Jason has been working on BeyondTrust products for the past 7 years and has a primary focus on our Privileged Password and Session Management solutions.