Thycotic Releases New Version of DevOps Secrets Vault
June 08, 2020

Thycotic revealed a new just-in-time functionality that ensures security of cloud platform access.

The new release of Thycotic's DevOps Secrets Vault solution supports dynamic secrets creation for infrastructure-as-a-service (IaaS) platforms Amazon Web Services (AWS), Microsoft Azure (Azure) and Google Cloud Platform (GCP).

With DevOps Secrets Vault, dynamic secrets are automatically generated at the time of request and can be used when a user or resource, like a configuration tool, needs a credential but that access needs to expire after a set time. Dynamic secrets also enable fine-grained authorization through cloud policies. Limiting the scope of what the secret can do and the timeframe that the credential is valid greatly reduces any value of the secret to an attacker.

"The exponential growth of hybrid multi-cloud adoption is continuing to stress-test existing security models and conventional approaches to Privileged Access Management," said Jai Dargan, VP of Product Management at Thycotic. "We know that organizations will migrate workloads to AWS, Azure, and GCP at record speed this year, so CISOs need to do everything they can with the available solutions they have to limit risk associated with secrets proliferation. DevOps Secrets Vault is a cloud-based vault that balances the security and velocity that DevOps teams require for this growing part of the enterprise attack surface. With dynamic secrets, we have added a just-in-time approach to secrets management that further reduces the risk of compromised credentials."

DevOps Secrets Vault enables organizations to adopt enterprise-class secrets management for DevOps pipelines. The complexity and variety of tools within these pipelines require centralized management of privileged access to maintain security, unify privileged access management, and control costs.

Utilizing a cloud-based AWS architecture, DevOps Secrets Vault offers rapid deployment, elastic scalability, and is purpose-built to handle the high-speed secrets management needs of the most dynamic DevOps environments.

DevOps Secrets Vault now supports secrets access for Chef and Puppet and includes software development kits (SDKs) for Ruby and .NET. DevOps Secrets Vault also integrates with Jenkins, Kubernetes, Terraform, and Ansible, and includes SDKs for Java, Go, and Python.

Users can authenticate to DevOps Secrets Vault through AWS, Azure, GCP, and Thycotic One methods. GCP support includes the ability to authenticate via service and user accounts, Google Compute Engines (GCE) and Google Kubernetes Engines (GKE). Thycotic One enables single sign-on and two-factor authentication via both TOTP and SMS methods.

Share this

Industry News

July 13, 2020

Docker announced a collaboration with Amazon Web Services (AWS) to simplify the lives of developers by allowing them to focus on application development, streamlining the process of deploying and managing containers in AWS from their local development environment.

July 13, 2020

Perforce Software announced the release of a combined JRebel and XRebel plugin for the Eclipse IDE.

July 13, 2020

Spectro Cloud announced that its first product—Spectro Cloud—is now generally available.

July 09, 2020

ShiftLeft released a new version of NextGen Static Analysis (NG SAST), including new workflows, purpose-built for developers that significantly improve security, while enhancing productivity.

July 09, 2020

RunSafe Security announced a partnership with JFrog that will enable RunSafe to supercharge binary protections via a simple plugin that JFrog users can deploy within their Artifactory repositories and instantly protect binaries and containers.

July 09, 2020

LeanIX closed $80 million in Series D funding led by new investor Goldman Sachs Growth.

July 08, 2020

Afi.ai introduced Afi Data Platform, a cloud-based replication and resiliency service that helps to monitor, predict downtime and recover K8s applications.

July 08, 2020

D2iQ announced the release of Conductor, a new interactive learning platform that enables enterprises to access hands-on cloud native courses and training.

July 08, 2020

SUSE entered into a definitive agreement to acquire Rancher Labs.

July 07, 2020

Micro Focus announced AI-powered enhancements to the intelligent testing capabilities of the UFT Family, a unified set of solutions designed to reduce the overall complexity of automating the functional testing processes.

July 07, 2020

Push Technology announced the launch of a new Service API capability for Diffusion Cloud, Push’s Real-Time API Management Cloud Platform.

July 07, 2020

Lightrun exited stealth and announced $4M in seed funding for the first complete continuous debugging and observability platform for production applications.

July 01, 2020

JFrog announced the launch of ChartCenter, a free, security-focused central repository of Helm charts for the community.

July 01, 2020

Kong announced a significant upgrade to open source Kuma, Kuma 0.6, available today.

July 01, 2020

Compuware Corporation, a BMC company, announced new capabilities that further automate and integrate test data and test case execution, empowering IT teams to achieve high-performance application development quality, velocity and efficiency.