|CyberArk and Ansible Automate Security Best Practices in DevOps Pipelines|
|View printer-friendly version|
Integrated Solution with Ansible Helps Secure DevOps Environments Without Impacting Workflow and Agility
As more organizations embrace DevOps, secrets – which consist of privileged accounts, SSH/API keys, passwords, certificates and more – are proliferating throughout the IT infrastructure. As with privileged accounts, secrets can be misused or intentionally targeted and exploited by malicious attackers to commandeer IT infrastructure, bypass security controls and facilitate enterprise-wide cyber attacks.
Secrets are often hard-coded into files or application code, unchanged or unmanaged, and are typically shared between machines, such as microservices, tools and hosts; IT personnel; external developers; subcontractors and more. This dramatically expands the attack surface of an organization and represents a soft target for attackers to exploit.
The CyberArk Conjur integration with Ansible empowers DevOps and security teams with security tools to automatically manage and better secure secrets used by Ansible. The joint solution helps automate and audit security and management tasks related to secrets used by Ansible. CyberArk Conjur provides for secrets used by Ansible to be authenticated, authorized and audited without interfering with workflows familiar to Ansible users.
“DevOps and the automated software delivery pipeline utilize multiple
tools that require powerful secrets, which if compromised, will result
in costly compromises and a vulnerable pipeline of products,” said
The CyberArk Conjur solution is an enterprise-proven, secrets management solution that is tailored specifically for the requirements of native cloud and DevOps environments. The solution helps organizations secure and manage secrets used by machines, such as microservices, applications, scripts, hosts, and CI/CD and configuration management tools, as well as control access and monitor activities of privileged users throughout the DevOps pipeline.
“Adopting DevOps workflows and driving successful outcomes for the development and release of high quality, secure applications requires organizations to strategically plan ahead for the increased demands of high velocity deployment environments,” said Adam Bosnian, executive vice president, global business development, CyberArk. “The integration with Ansible embeds and automates privileged account security into DevOps pipelines, making it easier for organizations to protect secrets and mitigate security risks while maintaining speed.”
the only security company focused on eliminating the most advanced cyber
threats; those that use insider privileges to attack the heart of the
enterprise. Dedicated to stopping attacks before they stop business,
CyberArk proactively secures against cyber threats before attacks can
escalate and do irreparable damage. The company is trusted by the
world’s leading companies – including more than 50 percent of the
Fortune 100 – to protect their highest value information assets,
infrastructure and applications. A global company, CyberArk is
headquartered in Petach Tikva,
Copyright © 2017 CyberArk Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.
Media Relations Contacts: