Centrify, a leading provider of Zero Trust Security through the power of Next-Gen Access, announced overnight at the RSA Conference in San Francisco that it is extending its Zero Trust Security platform to DevOps environments.
Centrify customers can now reduce their exposure to common security threats in their application development pipelines without compromising security, velocity, or scalability by leveraging Centrify Next-Gen Access.
While the introduction of microservices, container-based architectures, and DevOps practices has revolutionised software development, they have made access management increasingly complex for companies that adopt these new technologies, tools, and methodologies.
Security and operations teams must manage and audit permissions and credentials for a growing number of user and system accounts. This challenge is compounded by traditional methods of securing development environments requiring manual interventions and restrictive controls that significantly restrict the agility of development and operations (DevOps).
Centrify vice president of product strategy David McNeely said DevOps created a challenge for organisations that sought agility while maintaining security in broadly-distributed networks. “Prioritising functional needs over security while building applications exposes organisations to significant risk,” he said.
“Centrify Zero Trust Security reduces that risk by managing identities and access end-to-end across the entire corporate ecosystem, including DevOps environments and emerging tools and services.”
Centrify Zero Trust Security enables customers to scale adoption of secure DevOps by simplifying the integration of security into application development pipelines. By assuming all users, applications, and endpoints are untrustworthy, the Zero Trust approach verifies them at every point of access to secure the development pipeline.
Centrify’s Next-Gen Access portfolio now enables: • Centralised management of Docker groups within Active Directory • Centralised management of access rights and privileges for CoreOS Container Linux, and • Access management for containerised applications.
The Centrify Zero Trust Security platform can now also seamlessly authenticate to HashiCorp Vault, a tool for securely storing and accessing secrets. Centrify’s authentication method grants users temporary access to Vault, eliminating long-lived credentials that can be compromised through malware attacks. With Centrify, user and service accounts can access Vault by authenticating against any connected directory source including Active Directory, LDAP, Google Directory, or the Centrify Cloud Directory.
The Centrify Zero Trust Security Platform authenticates users to Vault with their enterprise credentials, whether it is deployed on-premises, in a DMZ, or in the AWS cloud.
HashiCorp VP Worldwide Alliances Burzin Patel said that having Vault integrate with Centrify Zero Trust Security was a valuable option for the company’s users. “Centrify’s platform empowers users to leverage the control and flexibility of using their existing corporate source for identity, while also increasing security and agility,” he said. “That’s huge for developers, who are usually required to sacrifice one over the other.”
To learn more about Centrify Zero Trust Security, visit www.centrify.com or booth 501 at this week’s RSA Conference 2018 in San Francisco. For media assistance in Australia and New Zealand, call John Harris on +61 8 8431 4000 or email email@example.com.
About Centrify Centrify delivers Zero Trust Security through the power of Next-Gen Access. The Centrify Zero Trust Security model assumes that users inside a network are no more trustworthy than those outside the network. Centrify verifies every user, validates their devices, and limits access and privilege. Centrify also utilises machine learning to discover risky user behaviour and apply conditional access — without impacting user experience. Centrify’s Next-Gen Access is the only industry-recognised solution that uniquely converges Identity-as-a-Service (IDaaS), enterprise mobility management (EMM) and privileged access management (PAM). More 5000 worldwide organisations, including over half the Fortune 100 in the US, trust Centrify to proactively secure their businesses. Centrify is a registered trademark of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners.
Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.
Cybersecurity Insights - Attack
No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?
Cybersecurity Insights - People
Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.