Partnership to bolster DevOps security
One Identity has announced a partnership with HashiCorp. With the integration of One Identity’s privileged access management (PAM) Safeguard for Privileged Sessions, HashiCorp Vault users can now securely manage, monitor, record, and audit privileged and administrative access to their vaulted tokens, passwords, certificates, API keys and other secrets used in DevOps workflows.
The integration enables organisations to better manage and protect critical assets from potential cybersecurity threats and meet compliance requirements.
IT operations have completely changed over the last decade, with the focus now on rapid innovation and quickly pushing applications to production. To embrace these changes, DevOps practices have been widely adopted to reduce friction in development workflows but often introduce unforeseen security risks. These DevOps practices need to evolve to address these security challenges where DevOps environments evolve to include security, commonly referred to as DevSecOps.
DevSecOps best practices require full audits of privileged activity to data sources, application services and other vital tools and sensitive information within an enterprise. With the pressure to accelerate production and scalability, implementing security best practices to protect privileged access and credentials within DevOps environments is often overlooked. In fact, only 46% of developers are addressing security risks during early phases of development, SANS reported.
External bad actors are aware of these shortcomings, increasingly seeking out this negligence and leveraging public privileged credentials to gain access to sensitive files and data and, in some cases, conduct malicious attacks against the organisation, the products themselves and their users.
The integration between One Identity Safeguard and HashiCorp Vault enables organisations to effectively mitigate security risks associated with unprotected secrets while also maintaining the speed and scale that’s necessary for the DevOps environment. One Identity Safeguard's transparent protocol proxy technology allows humans and machines to be controlled and audited without interrupting or slowing down their workflows.
It enables organisations to gain the needed oversight of privileged access used with HashiCorp and inspects the protocol traffic on the application level and rejects traffic that violates policies. This eliminates unauthorised and unfettered access to resources and protects the network and sensitive data. Organisations can also monitor privileged sessions in real time with the ability to execute various actions if unusual or unwanted behaviour is detected. Actions can include sending an alert or immediately terminating a session.
“The time, education, and skills necessary to secure rapid, and iterative DevOps environments have historically been very limited, despite the severity of the potential pitfalls,” said Asvin Ramesh, Director of Technology Alliances at HashiCorp. “By connecting HashiCorp Vault with One Identity Safeguard, we’re giving our joint customers an integrated solution that offers continuous control, monitoring, and secure access and authentication in real time during this imperative stage of production.”
Implementing the One Identity Safeguard plugin to HashiCorp Vault customers takes minimal configuration changes and provides rapid ROI and increased security to organisations. As a result, the integrated solution helps prevent malicious actions or human error, as well as provides evidence for auditing, troubleshooting and forensics investigations to help customers meet regulatory compliance demands.
"HashiCorp is the market leader in cloud security automation, and we are thrilled to partner with them, providing their customers with access to our award-winning Safeguard solution,” added Darrell Long, VP of Product Management at One Identity. “This partnership will provide HashiCorp users with the ability to seamlessly bolster security and reduce risk using the tools that make them productive and safe, while maintaining the agility and scalability needed to compete in their respective markets.”