Centrify Releases Privileged Access Service 20.4
August 31, 2020

Centrify added additional modern Privileged Access Management (PAM) integration capabilities enabling DevSecOps with new Secure Shell (SSH) key management features included in the 20.4 release of Centrify Privileged Access Service.

By going beyond traditional application-to-application password management (AAPM) approaches, Centrify offers a broad range of capabilities that keep privileged access controls and security out of the way for developers, machines, and administrators.

An ongoing challenge for DevOps is seamlessly inserting PAM into the pipeline to simplify and centralize credential management. With standard AAPM this is complicated to deploy and requires a lot of manual administration. Standard AAPM approaches have leveraged the password vault for PAM, relying on IDs and static passwords to authenticate applications and services to other workloads. Some organizations prefer to use SSH keys, since they’re harder to crack and there’s no password crossing the wire.

Centrify Privileged Access Service 20.4 has extended SSH key vaulting capabilities beyond key storage and log in to now support SSH key management (inclusive of key rotation), setting policies for SSH key rotation, and leveraging an account that has an SSH key for system and account discovery operations.

“SSH keys are a step up in security posture from simple vaulting of shared, static passwords for AAPM because they can meet the most stringent governance and compliance standards while increasing agility and productivity,” said Tony Goulding, Cybersecurity Evangelist at Centrify. “However, those SSH keys still need to be managed by a set of policies, and rotated to ensure they are dynamic. These new capabilities all feed into our vision for a more modern approach to AAPM, which progressively reduces the number of service accounts and shrinks the attack surface.”

The breadth of Centrify’s platform gives DevOps teams several choices based on specific context, their maturity, and their risk tolerance. For example, while SSH keys offer a familiar solution that transcends simple password vaulting, they both still require rotation as a best practice. A more mature AAPM approach may be to use ephemeral tokens, created automatically on-demand, that are temporary, time-based, and have automatic or one-time-use expirations. This approach frees up DevOps from manual administration, application availability issues related to out-of-sync passwords, and empowers a “Just-in-Time" access control model.

Ultimately, Centrify’s vision calls for flexibility to transcend standard AAPM models and offer the right credential for the right use case, including a new approach that uses both ephemeral tokens and a trusted machine identity. Centrify Delegated Machine Credentials eliminate the requirement for hundreds or thousands of additional service accounts.

“Organizations may be at any point of maturity in both their PAM and DevOps journeys, but the good news is that a range of options are now available to build PAM into the DevOps pipeline,” Goulding continued.

Share this

Industry News

July 15, 2025

Perforce Software launched a breakthrough in agentic AI testing with the ability to turn plain language inputs into resilient, execution-ready test actions.

July 15, 2025

OutSystems announced the Early Access Program for OutSystems Agent Workbench.

July 15, 2025

Harness Infrastructure as Code Management (IaCM) added major new features focused on reusability and scalability: Module Registry and Workspace Templates.

July 15, 2025

F5 announced new tools to reduce the immense complexity cross-functional operations (XOps) teams face in managing hybrid, multicloud, and AI-driven application environments.

July 15, 2025

BlueOptima has entered into an agreement to acquire the DevOps solutions business from Cirata, an AIM-listed provider of data and analytics migration solutions.

July 14, 2025

Google Cloud announced three major advancements for developers using Firebase.

July 14, 2025

Legit Security announced a major new feature that furthers its commitment to better serve the AI-first developer community: Legit MCP (Model Context Protocol) Server.

July 14, 2025

Pentera introduced a capability to uncover and validate risk exposure from data in Git repositories.

July 14, 2025

Domino Data Lab announced the launch of its Vibe Modeling offering.

July 10, 2025

MetTel announced a strategic partnership with Check Point Software Technologies to deliver an advanced mobile threat defense solution for enterprise customers.

July 10, 2025

Docker announced major new capabilities that make it easier for developers to build, run, and scale intelligent, agentic applications.

July 10, 2025

Azul announced a strategic partnership to deliver near-zero Common Vulnerabilities and Exposures (CVEs) third-party container images backed by Azul’s Java support.

July 10, 2025

Mirantis is extending support for Swarm for another five years.

July 10, 2025

Yellow Tail Tech, the training provider known for empowering adults with no IT background to launch successful technology careers, announced the rollout of two advanced programs: the Ansible Automation Certification Prep Track and the DevOps on AWS Track.

July 09, 2025

Red Hat announced Red Hat Enterprise Linux for Business Developers to simplify access to Red Hat's enterprise Linux platform for business-focused development and testing scenarios.