CyberArk introduces an open source version of CyberArk Conjur, which now allows organizations to protect organizations, cloud environments and DevOps pipelines against cyber attacks. The new version automatically supports DevOps teams in securing and managing sensitive information, either secrets, so applications in the DevOps pipeline can be safely developed and delivered.
The secrecy of secrets, either account data, SSH keys, API keys and other sensitive information is the biggest vulnerability in DevOps trajectories. Thanks to CyberArk Conjur, DevOps teams can easily implement security best practices in their workflows. Management of secrets is easy to integrate into CI / CD processes (Continuous Integration and Continuous Delivery) through integrations with commonly used developer tools.
“Developers often have the conviction that security is a go-ahead and slowing down the process. Continuous Integration, DevOps and Automation make the workflow more flexible, but also creates more risks, such as keeping secrets and logging in, “said Bart Bruijnesteijn, pre-sales manager UK & North Europe at CyberArk. “However, DevOps does not mean we have to provide for security. It was not! We need to better configure secrets management and provide an audit trail so that code and services are delivered safely. ”
CyberArk Conjur is the only platform-independent solution for secrets management, specifically aimed at protecting containers and micro services. It supports any cloud and on-premise environment, no matter what size. DevOps teams can easily include security best practices in their cloud native development projects, while providing security and compliancy best practices without creating separate security silos.
“JFrog protects the cloud infrastructure with CyberArk Conjur to develop and deliver DevOps software like Artifactory and Bintray,” said Joav Landman, co-founder and CTO of JFrog. “JFrog and open source have been together since its launch in 2008 to today, offering free repositories and delivery services to millions of open source developers. As a user, we are very pleased with this high-quality open source variant of CyberArk Conjur. ”
According to 451 Research, there is clear connection between the adoption of open source software and the DevOps success. However, the number of tools in the open source community to protect applications is underestimated. Many of the tools are complex in use and create unmanaged security islands. CyberArk puts its focus on privileged account security and is thus in an attractive position to realize a new security standard for secrets management, making the DevOps model safer without compromising on flexibility.
“Companies that want to transform digital transformation embrace DevOps and cloud to market new services much faster. Open source and community-driven development has become the leading form, “said Elizabeth Lawler, Vice President DevOps Security at CyberArk. “Since the beginning, Conjur has contributed to the open source community, so it was a logical step to make it available and a chance for CyberArk to share its expertise for a global improvement of cyber security.”
CyberArk Conjur enables companies to integrate secrets management and security of machine identities into their projects, regardless of where they are in the adoption of DevOps. Users who need more features or integration with the CyberArk Privileged Account Security Solution can seamlessly upgrade from open source version to CyberArk Conjur Enterprise. The open source variant of CyberArk Conjur is available at www.conjur.org and GitHub.
On September 19, CyberArk organizes a webinar entitled “Bring the Benefits of Open Source to Secure Your DevOps Pipeline”