Thycotic Releases New Version of DevOps Secrets Vault
June 08, 2020

Thycotic revealed a new just-in-time functionality that ensures security of cloud platform access.

The new release of Thycotic's DevOps Secrets Vault solution supports dynamic secrets creation for infrastructure-as-a-service (IaaS) platforms Amazon Web Services (AWS), Microsoft Azure (Azure) and Google Cloud Platform (GCP).

With DevOps Secrets Vault, dynamic secrets are automatically generated at the time of request and can be used when a user or resource, like a configuration tool, needs a credential but that access needs to expire after a set time. Dynamic secrets also enable fine-grained authorization through cloud policies. Limiting the scope of what the secret can do and the timeframe that the credential is valid greatly reduces any value of the secret to an attacker.

"The exponential growth of hybrid multi-cloud adoption is continuing to stress-test existing security models and conventional approaches to Privileged Access Management," said Jai Dargan, VP of Product Management at Thycotic. "We know that organizations will migrate workloads to AWS, Azure, and GCP at record speed this year, so CISOs need to do everything they can with the available solutions they have to limit risk associated with secrets proliferation. DevOps Secrets Vault is a cloud-based vault that balances the security and velocity that DevOps teams require for this growing part of the enterprise attack surface. With dynamic secrets, we have added a just-in-time approach to secrets management that further reduces the risk of compromised credentials."

DevOps Secrets Vault enables organizations to adopt enterprise-class secrets management for DevOps pipelines. The complexity and variety of tools within these pipelines require centralized management of privileged access to maintain security, unify privileged access management, and control costs.

Utilizing a cloud-based AWS architecture, DevOps Secrets Vault offers rapid deployment, elastic scalability, and is purpose-built to handle the high-speed secrets management needs of the most dynamic DevOps environments.

DevOps Secrets Vault now supports secrets access for Chef and Puppet and includes software development kits (SDKs) for Ruby and .NET. DevOps Secrets Vault also integrates with Jenkins, Kubernetes, Terraform, and Ansible, and includes SDKs for Java, Go, and Python.

Users can authenticate to DevOps Secrets Vault through AWS, Azure, GCP, and Thycotic One methods. GCP support includes the ability to authenticate via service and user accounts, Google Compute Engines (GCE) and Google Kubernetes Engines (GKE). Thycotic One enables single sign-on and two-factor authentication via both TOTP and SMS methods.

Share this

Industry News

May 06, 2021

Splunk announced the new Splunk Observability Cloud, the full-stack, analytics-powered and enterprise-grade Observability solution.

May 06, 2021

Gluware unveiled its DevOps for NetOps framework featuring Gluware Lab, its integrated development environment (IDE).

May 06, 2021

Ambassador Labs announced the new Ambassador Developer Control Plane (DCP), whichgives developers the ability to manage the entire modern software development lifecycle for Kubernetes environments using tools and processes that are familiar to them.

May 06, 2021

Code Dx and Secure Code Warrior have teamed up to launch Project Better Code, an initiative to tackle a major challenge facing innovative organizations today – pushing the pace of software development without compromising software security.

May 06, 2021

Pegasystems announced the latest evolution of its Pega Infinity software suite to help speed and simplify digital transformation (DT) initiatives, Pega Infinity version 8.6.

May 06, 2021

Accurics announced that its open source project Terrascan, which enables teams to detect compliance and security violations across Infrastructure as Code (IaC), now integrates with the Argo Project.

May 05, 2021

Amazon Web Services announced the general availability of Amazon DevOps Guru, a fully managed operations service that uses machine learning to make it easier for developers to improve application availability by automatically detecting operational issues and recommending specific actions for remediation.

May 05, 2021

SmartBear has added API testing support for the popular, open source event streaming platform, Apache Kafka.

May 05, 2021

Red Hat unveiled its Developer Sandbox for Red Hat OpenShift, an OpenShift-based development environment designed to enable organizations to accelerate the path from code to production for Kubernetes-based applications.

May 05, 2021

DevOps Institute announced the lineup for SKILup Days in the second quarter of 2021.

May 05, 2021

Idera announced the acquisition of Xblend Software.

May 04, 2021

ThoughtSpot announced the launch of ThoughtSpot Everywhere.

May 04, 2021

Perforce Software announced the availability of virtual devices (Android emulators and iOS simulators) as part of the comprehensive device lab within Perfecto’s Intelligent Test Automation platform.

May 04, 2021

LogiGear announced the newest release of its flagship TestArchitect™ Enterprise product, TestArchitect Enterprise 9.0.

May 04, 2021

Rafay Systems announced new enhancements to its flagship Kubernetes Management Cloud (KMC).