Ubuntu Pro, Canonical’s comprehensive subscription for secure open source and compliance, is now generally available.
Conjur announced the availability of Secrets Rotation, Automation and Monitoring, providing clients with fully automated secrets management.
“Secrets” are credentials such as passwords and API keys that provide privileged access to IT systems. Secrets need to be changed, or “rotated” periodically, sometimes daily, in order to help prevent unauthorized access to systems.
Incorporated into the Conjur privileged access management software, Secrets Rotation, Automation and Monitoring offloads the secrets management burden from DevOps and software developers, and provides companies with a clear view into compliance with secrets rotation policies. Clients can simply log in to their Conjur dashboard to view the rotations and schedule and rotate on demand.
“Secrets management is a security best practice that absolutely requires automation given the scale and complexity of today’s digital business systems,” said Elizabeth Lawler, CEO of Conjur. “Without clear insights into when secrets are rotating, and confirmation that rotations have occurred without failure, it’s virtually impossible to confirm that you’re compliant – and that your information is safe.”
Secrets management is a critical aspect of security, but current solutions lack clear visibility into rotation history. Conjur alerts to rotation failures, and the intuitive user interface design makes it simple for clients to produce an audit trail to demonstrate compliance.
Secrets rotation is an element of security best practices, but managing it can be expensive when you’re talking about digital business systems composed of thousands of interconnected cloud instances, microservices, databases, and other system entities. With policy-driven automation of secrets rotation, a simple dashboard and clear insights into secrets management, Conjur is taking the risk and guesswork out of compliance, allowing clients to focus on delivering the best user experience to customers, rather than system administration and worrying about digging through data to produce proof of compliance.
Secrets Rotation, Automation and Monitoring is currently available to Conjur clients and integrates to secure a wide variety of legacy and cloud resources.
Industry News
Mirantis, freeing developers to create their most valuable code, today announced that it has acquired the Santa Clara, California-based Shipa to add automated application discovery, operations, security, and observability to the Lens Kubernetes Platform.
Section announced it is making it easier than ever to deploy and scale a Mastodon server; in just a few clicks, developers can use Section’s global platform to ensure a superior user experience at a fraction of the cost.
SmartBear has integrated the powerful contract testing capabilities of PactFlow with SwaggerHub.
Venafi introduced TLS Protect for Kubernetes.
Tricentis announced the general availability of Tricentis Test Automation, a cloud-based test automation solution that simplifies test creation, orchestration, and scalable test execution for easier collaboration among QA teams and their business stakeholders and faster, higher-quality, and more durable releases of web-based applications and business processes.
Couchbase announced its Couchbase Capella Database-as-a-Service (DBaaS) offering on Azure.
Mendix and Software Improvement Group (SIG) have announced the release of Mendix Quality & Security Management (QSM), a new cybersecurity solution that provides continuous deep-dive insights into security and code quality to immediately address risks and vulnerabilities.
Panaya announced a new Partnership Program in response to ongoing growth within its partner network over the past year.
Cloudian closed $60 million in new funding, bringing the company’s total funding to $233 million.
Progress announced the R1 2023 release of Progress Telerik and Progress Kendo UI.
Wallarm announced the early release of the Wallarm API Leak Management solution, an enhanced API security technology designed to help organizations identify and remediate attacks exploiting leaked API keys and secrets, while providing on-going protection against hacks in the event of a leak.
ThreatModeler launched Threat Model Marketplace, a cybersecurity asset marketplace offering pre-built, field-tested threat models to be downloaded — free for a limited time — and incorporated into new and ongoing threat modeling initiatives.