Sectigo Releases Industry-First PKI DevOps Integrations for 5 Configuration Management and Orchestration Platforms
September 11, 2019

Sectigo released integrations with five of the most popular DevOps configuration management and container orchestration platforms.

The additions of Docker, Kubernetes, Ansible, Terraform, and soon HashiCorp Vault, deliver the industry’s most comprehensive PKI solution for DevOps. This unique combination of solutions will immediately help IT teams ensure their DevOps environments follow accepted security practices, meet compliance and auditability requirements, and provide crypto agility.

“All sizeable enterprises either use or are implementing DevOps today,” said Lindsay Kent, VP of Product Management, Sectigo. “As they do so, these enterprises are also finding that they suddenly need to become PKI experts and must roll out their own PKI to ensure identity for containers and related services.”

This exercise puts the enterprise in jeopardy as IT generalists must suddenly select, configure, and implement public key schemes without the benefit of background in this specialized field. Considerations like key size, certificate term length, and code deployment process all affect the security and compliance of containerized environments. As operations spin up DevOps environments, they often find themselves forced to make decisions about these and other aspects of PKI even though they may not understand the full consequences of these choices.

“These integrations between Sectigo Certificate Manager and the most popular DevOps orchestration tools give operations teams full visibility and control over the certificate properties they choose. An expert partner, like Sectigo, can ensure enterprises follow accepted security practices and can keep implementations current with changes in cryptography needed to stay safe in a changing computing environment,” added Kent.

The variety of certificates and specific use cases in any given DevOps environment is quite broad, as these are complex environments using many different technologies in conjunction. Supporting integrations with a variety of orchestration tools helps cover the enterprise’s complete operational footprint. Sectigo Certificate Manager integrates with supported tools using ACME (Automated Certificate Management Environment) or Sectigo’s RESTful APIs.

“Certificate-based authentication is a foundational element in many DevOps use cases, and one that often grows in complexity when an enterprise considers details such as public versus private servers, client authentication, and more,” said Fernando Montenegro, Principal Analyst, 451 Research. “We see a notable benefit for organizations to be able to use certificate management platforms that can address this complexity while integrating with popular configuration management and orchestration tools.”

IT teams will notably benefit from a centralized management platform that can be used to enforce the security policies across the organization. The Sectigo Certificate Manager platform is used by hundreds of enterprises across the globe to issue, renew, and manage certificates for their mission-critical applications. That means DevOps teams benefit from the reliability and speed of issuance that comes with a proven platform. In addition, if enterprises prefer, they can continue to use their DevOps tool or another PKI implementation for issuance and still use Sectigo Certificate Manager to monitor and report on their certificate deployments.

Sectigo’s latest integrations to its Certificate Management platform include:

- Docker — Allows DevOps teams to more easily create, deploy and run applications, delivering even greater value when paired with solutions like Kubernetes. By integrating with Docker, Sectigo can issue short lived public or private certificates to the applications running inside the Docker container.

- Kubernetes — Automates scaling, managing, updating, and removing containers, giving IT teams the flexibility needed to deliver applications consistently, no matter the size of the enterprise. Sectigo’s Kubernetes integration enables seamless certificate issuance and management using the Kubernetes native certificate controller.

- Ansible — Ansible-based automation aids lifecycle management for large certificate volumes in heterogeneous environments. By leveraging one of the leading tools in configuration management and server provisioning, Sectigo’s Ansible module eliminates complex security decision making and provides a transparent, platform-agonistic user experience for provisioning and managing TLS and client certificates.

- Terraform — This open-source tool creates, changes, and improves infrastructure. Sectigo’s Terraform integration enables the enrollment, collection, and revocation of certificates. Paired with HashiCorp Vault, Terraform provides secure storage for certificates and keys.

- HashiCorp Vault — HashiCorp Vault centrally manages and enforces access to secrets and systems based on trusted application sources and user identities. Sectigo Certificate Manager can assign certificates to applications protected by Vault and store keys and certificates used in DevOps environments.

Share this

Industry News

March 28, 2024

Check Point® Software Technologies Ltd. announced a collaboration with Microsoft that utilizes the Microsoft Azure OpenAI Service to enhance Check Point Infinity AI Copilot, marking a significant advancement in cyber security AI applications.

March 28, 2024

ArmorCode announced ArmorCode Risk Prioritization, providing a 3D scoring approach for managing application security risks.

March 28, 2024

AppViewX and Fortanix announced a partnership to offer cloud-delivered secure digital identity management and code signing.

March 27, 2024

WaveMaker has updated its platform in response to customer demand for more sophisticated API and code management tools.

March 27, 2024

Vercara announced the launch of UltraAPI™, a product suite that protects APIs and web applications from malicious bots and fraudulent activity while ensuring regulatory compliance.

March 27, 2024

Legit Security announced the launch of its standalone enterprise secrets scanning product, which can detect, remediate, and prevent secrets exposure across the software development pipeline.

March 26, 2024

Progress announced a strategic partnership with Veeam® Software, the #1 leader by market share in Data Protection and Ransomware Recovery, to provide customers with an enterprise-ready cyber defense solution that strengthens the security of their business-critical data.

March 26, 2024

GitGuardian released its Software Composition Analysis (SCA) module.

March 26, 2024

DataStax announced a milestone in its journey to simplify enterprise retrieval-augmented generation (RAG) for developers by integrating with Microsoft Semantic Kernel.

March 25, 2024

Check Point® Software Technologies Ltd. is collaborating with NVIDIA to enhance the security of AI cloud infrastructure. Integrating NVIDIA BlueField DPUs, which feature a broad range of purpose-built, innovative security capabilities, the new Check Point AI Cloud Protect solution will help prevent threats at both the network and host levels.

March 25, 2024

Sentry announced the release of Autofix, an AI-powered feature to debug and fix code in minutes, saving important time and resources.

March 25, 2024

Apiiro announced a product integration and partnership with Secure Code Warrior, the agile developer security training platform, to extend its ASPM technology and processes to the people layer.

March 21, 2024

Progress announced that Progress® Semaphore™, its metadata management and semantic AI platform, was named a Champion in SoftwareReviews’ 2024 Metadata Management Emotional Footprint Awards.

March 21, 2024

The Cloud Native Computing Foundation® (CNCF®) has partnered with Udemy, an online skills marketplace and learning platform.

March 21, 2024

GitLab has acquired Oxeye, the provider of a cloud-native application security and risk management solution.