Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search


ThycoticCentrify Cloud Automation Bundle Automates Cloud Privilege Management

ThycoticCentrify, a leading provider of cloud identity security solutions formed by the merger of privileged access management (PAM) leaders Thycotic and Centrify, today announced enhancements to its PAM solution for DevOps, DevOps Secrets Vault. The latest release helps DevOps teams harden their cloud attack surface through Encryption-as-a-Service technology, which automatically encrypts data for all applications.

DevOps Secrets Vault generates just-in-time, dynamic secrets that automatically expire when cloud platform administrators, developers, applications or databases need to access a target. Even if these ephemeral secrets are leaked, any would-be attacker is limited in what they can do and has a limited window in which to do it. This high-speed secrets management helps eliminate friction within existing workflows and the need for developers to hardcode secrets or store them in external libraries.

Cloud security demands PAM designed for the cloud

Cloud growth has increased privileged accounts and credentials to a state that’s unmanageable without automated processes. As enterprises become more reliant on the cloud for infrastructure, application development and business process automation, Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), Software-as-a-Service (SaaS) and DevOps toolchains are vulnerable to privileged account attacks.

According to the most recent Verizon Data Breach Report, more than 77 percent of cloud breaches involve compromised credentials. In fact, 80 percent of organisations operating in the cloud experience at least one compromised account each month, stemming from external actors, malicious insiders or unintentional mistakes, reports McAfee.

A multi-layered approach to cloud security

DevOps Secrets Vault is available as a standalone vault for organisations with existing PAM solutions and within ThycoticCentrify’s Cloud Automation Bundle, a single package of ThycoticCentrify’s integrated cloud PAM solutions.

Enterprise PAM reduces cloud risk with controls for authentication, authorisation, and auditing. Even with multiple business and technical functions utilising different types of cloud resources, ThycoticCentrify provides a consolidated view of privileged access across an entire organisation so IT security teams can manage privileges according to consistent policies. Automation and simple, policy-based controls replace time-consuming, error-prone manual privilege management.

“These latest updates contribute to an even more comprehensive solution that we’ve built into the cloud automation bundle,” says ThycoticCentrify Vice President of Product, Jai Dargan. “With the need for cloud security skyrocketing, enterprises can now address these new use cases more efficiently with an integrated solution.”

Integrated solution for automated, cloud privilege management

ThycoticCentrify’s Cloud Automation Bundle is an integrated solution for automated, cloud privilege management which is comprised of the following elements:

Secret Server is the hub for comprehensive, enterprise PAM for the entire attack surface, including cloud platforms. It can discover privileged accounts, vault credentials, ensure password complexity, delegate access and manage sessions for infrastructure, applications and services with consistent PAM policies and practices.

DevOps Secrets Vault supports dynamic secret creation for MySQL, PostgreSQL and Oracle, as well as cloud platforms such as AWS, Azure and GCP. It integrates into CI/CD workflows with support for Jenkins, Kubernetes, Terraform, Ansible, Chef and programming languages Java, Go, Python, Ruby and .NET. Secrets data, SSH keys and file replication are automatically synchronised between DevOps Secrets Vault and Secret Server for close coordination.

Connection Manager, in combination with Secret Server, saves time by automatically injecting privileged credentials directly into a remote session. IT and developer teams never need to enter or even see passwords. This eliminates the possibility of leaving sensitive information in system memory and opening the door to Pass-the-Hash attacks.

Privileged Behavior Analytics prevents privileged account abuse. Advanced machine learning detects anomalies in privileged account behaviour and automatically takes action in Secret Server before a cyber threat becomes a cyber catastrophe. When risk scores pass acceptable thresholds, Secret Server can immediately rotate passwords, require additional authentication, or increase session monitoring.

© Scoop Media

Business Headlines | Sci-Tech Headlines


Foodstuffs: New World & Four Square Trial NZ’s First Grocery Delivery Offer With Uber Eats

New World & Four Square have partnered with Uber Eats to unlock the first grocery offering available on the platform in Aotearoa. For New World and Four Square it’s yet another way to put New Zealanders first, particularly with those inevitable last-minute grocery needs... More>>

Digitl: Download 2.0 – Vodafone Wi-Fi Calling hits early milestone
Vodafone says it has 10,000 customers using its Wi-Fi Calling service. It took less than three months to reach that milestone; the service began operating in September... More>>

Energy Resources Aotearoa: New Law On Decommissioning Could Be Costly Overkill
A new law on decommissioning oil and gas fields passed by Parliament today has good intentions but is overkill, according to Energy Resources Aotearoa. "We strongly support operators taking responsibility and paying the costs for decommissioning, which is what all good operators do," says chief executive John Carnegie... More>>

ABC Business Sales: Demand High For Covid-proof Businesses
Despite the continuing challenges facing businesses in this Covid environment, right now there are more buyers looking for a small-medium sized business than there are sellers in the market... More>>

PriceSpy: Producer Prices Increase
New Black Friday and Covid-19 Report* released by PriceSpy says people’s fear of stepping inside physical shops during big sales events like Black Friday has risen since last year; Kiwis are still planning to shop, but more than ever will do it online this year... More>>

NZ Skeptics Society: Announce Their 2021 Awards, And Dr Simon Thornley Wins The Bent Spoon

Every year the New Zealand Skeptics presents its awards to people and organisations who have impressed us or dismayed us, and this year it’s been hard to pick our winners because there have been so many choices!.. More>>

REINZ: Sales Volumes Leveling Out

Data released today by the Real Estate Institute of New Zealand (REINZ) shows there were 44 fewer lifestyle property sales (-2.6%) for the three months ended October 2021 than for the three months ended September 2021... More>>