Integrated Solution Secures and Manages Secrets Used by Jenkins;
Drives Greater Automation Across DevOps Pipeline
SAN FRANCISCO--(BUSINESS WIRE)--Aug. 30, 2017--
CyberArk
(NASDAQ: CYBR),
the company that protects organizations from cyber
attacks that have made their way inside the network perimeter, today
announced the integration of the CyberArk Privileged Account Security
Solution with Jenkins, the leading open source automation server. With
this integration, organizations gain an automated orchestration process
with built-in secrets management and protection for their DevOps
pipeline without unnecessary trade-offs between security and velocity.
CyberArk will demonstrate the integration at stand #504 at Jenkins World
2017, August 28 – 31.
Automatically Embed Secrets Management Best Practices Into DevOps
Pipelines
Secrets represent one of the largest DevOps-related
security vulnerabilities an organization faces today. In many
environments, secrets are poorly secured – often in text files – and are
manually managed by team members.
This makes secrets a prime target for an external attacker or malicious
insider. If exploited, secrets allow attackers to take full control of
an organization’s IT infrastructure, disable security controls, steal
confidential information, commit financial fraud and disrupt operations.
The CyberArk Privileged Account Security Solution integration with
Jenkins enables CIOs, CISOs, operations personnel and developers to
deploy solutions that provide security and support compliance goals
without impeding the agility and speed of the DevOps pipeline.
Organizations can now:
-
Secure and Manage Secrets Used by Jenkins Jobs: The joint
solution automates nearly all security and management tasks related to
secrets use by the Jenkins solution across every environment and
platform. Each time a job is run, the Jenkins agent retrieves a secret
from CyberArk-Conjur – keeping secrets safe. CyberArk-Conjur rotates
secrets automatically based on an organization’s security policy,
making them available to developers on-demand in any environment,
while protecting them from potential compromise.
-
Secure and Monitor Privileged User Access to the Jenkins Console:
As the Jenkins console provides access to almost every asset
throughout the DevOps pipeline from development to deployment, user
activity should be carefully monitored and controlled. Using CyberArk
Privileged Session Manager, organizations can isolate, control and
monitor user access and activity on the Jenkins console to prevent
against insider threats or external attacks. All privileged user
sessions are recorded in the background for audit and compliance
purposes.
“Focusing on secrets protection, and ensuring that privileged access to
Jenkins is secured and managed, will enable security
practitioners/experts to enforce security polices and support compliance
goals while giving DevOps teams the tools they need to remain
productive,” said Kohsuke
Kawaguchi, CTO, CloudBees and founder of the Jenkins project.
“CyberArk is setting a standard for how organizations can secure
privileged accounts and manage secrets without impacting the DevOps
workflow.”
The enterprise-grade CyberArk Privileged Account Security Solution
enables DevOps and security practitioners to automatically secure and
manage secrets – used by both users and machines such as CI/CD and
configuration management tools, applications, hosts and microservices.
This enables organizations to accelerate the rate of software deployment
without compromising on security, while maintaining a comprehensive
audit trail for compliance initiatives.
“The DevOps process has had a dramatic impact on organizations and the
speed with which software can be delivered. Despite these gains, DevOps
was fundamentally not designed with security in mind, representing a
growing attack surface that malicious attackers target and exploit,”
said Adam Bosnian, executive vice president, global business
development, CyberArk. “The integration of the CyberArk Privileged
Account Security Solution with Jenkins provides organizations with an
enterprise-class solution for privileged account security and automated
secrets management. This empowers organizations to create secure DevOps
environments without slowing down productivity.”
As part of this integration, Jenkins is also joining CyberArk’s global
technology partner program that brings together enterprise software, IT
security and service providers to build on the power of privileged
account security to better protect customers from cyber threats across
multi-platform environments.
About CyberArk
CyberArk is
the only security company focused on eliminating the most advanced cyber
threats; those that use insider privileges to attack the heart of the
enterprise. Dedicated to stopping attacks before they stop business,
CyberArk proactively secures against cyber threats before attacks can
escalate and do irreparable damage. The company is trusted by the
world’s leading companies – including more than 50 percent of the
Fortune 100 – to protect their highest value information assets,
infrastructure and applications. A global company, CyberArk is
headquartered in Petach Tikva, Israel, with U.S. headquarters located in
Newton, Mass. The company also has offices throughout the Americas,
EMEA, Asia Pacific and Japan. To learn more about CyberArk, visit www.cyberark.com,
read the CyberArk
blog, or follow on Twitter via @CyberArk,
LinkedIn or
Facebook.
Copyright © 2017 CyberArk Software. All Rights Reserved. All
other brand names, product names, or trademarks belong to their
respective holders.
View source version on businesswire.com: http://www.businesswire.com/news/home/20170830005270/en/
Source: CyberArk
Media Relations Contacts:
fama PR
Brian Merrill,
+1-617-986-5005
cyberark@famapr.com
or
CyberArk
Christy
Lynch, +1-617-796-3210
press@cyberark.com
Investor
Relations Contact:
CyberArk
Erica Smith, +1-617-630-6426
ir@cyberark.com