Cloud Hosting

Wednesday, 25 August 2021, 11:57 amPress Release: ThycoticCentrify

Auckland, New Zealand August25, 2021 ThycoticCentrify,a leading provider of cloud identity security solutionsformed by the merger of privileged access management (PAM)leaders Thycotic and Centrify, today announced enhancementsto its PAM solution for DevOps, ThycoticDevOps Secrets Vault and new and expanded capabilitiesfor its award-winning PAM solution, ThycoticSecret Server.

The latest version of DevOpsSecrets Vault offers certificate-based authentication andthe ability to configure Time-to-Live (TTL) for secrets,leading to even tighter DevOps security and easiermanagement.

With the latest enhancements toThycotic DevOps Secrets Vault, were continuing ourcommitment to deliver usable security solutions, saidRichard Wang, Director of Product Management atThycoticCentrify. Todays organisations require aDevOps solution thats as agile as their development whilesatisfying the needs of IT and securityteams.

Certificate-based authenticationdesigned for privileged machines

ThycoticsDevOps Secrets Vault addresses all scenarios in a DevOpsflow where secrets are exchanged between machines, includingdatabases and applications for software and infrastructuredeployment, testing, orchestration, configuration, andRobotic Process Automation (RPA). In sync with thehigh-speed workflow, DevOps Secrets Vault creates digitalauthentication credentials that grant privileged access tosystems and data.

With the latest release,organisations can use certificate-based authentication forenhanced security and easier management. Unlikeauthentication solutions designed for people (such asbiometrics and one-time passwords), certificate-basedauthentication can be used for machines non-humanprivileged users such as systems, devices, and the growingInternet of Things (IoT) to identify a machine beforegranting access to a resource, network, or application.Certificates are stored locally and securely, whichalleviates the headache of managing passwords anddistributing, replacing, and revokingtokens.

Time-to-Live eliminates standingsecrets for all cloud platforms

In a DevOpsworkflow, resources are created quickly and must expireautomatically to meet compliance requirements and avoid therisk of standing privilege. When cloud platformadministrators, developers, applications, or databases needto access a target, DevOps Secrets Vault generatesjust-in-time, dynamic secrets.

DevOps Secrets Vaulthas long supported automatically expiring secrets for AWSand Azure, and now extends this capability to Google CloudPlatform. Now, no matter which environment organisationschoose, they can set a predetermined time for secrets toexpire automatically.

Security and identity teamsare working in lockstep with DevOps to meet the requirementsof these high-speed processes, said Wang. They requirea powerful solution that delivers immediate value whileserving the needs of agile innovation.

Combinedwith Thycotic Secret Server, the industry-leading vault fordigital credentials, DevOps Secrets Vault provides securityand IT teams full visibility and control over secretsmanagement throughout an organisation. Specifically, DevOpsSecrets Vault replaces the need for hardcoded credentialsused in the DevOps process and CI/CD toolchains.

Tolearn more about DevOps Secrets Vault, visit https://thycotic.com/products/devops-secrets-vault-password-management/.

With the addition of the new Secret Erasefeature, enhancements to Secret Servers mobileapplication, Connection Manager, and Web Password Filler, ThycoticSecret Server now more than ever helps reduce cyberrisk, expand discovery, and increase productivity for ITadministrators as well as business users.

Removal ofprivileged account information after its no longer neededis critical to security and compliance standards, especiallywhen organisations are working with contracted third-partyadministrators. With Secret Erase, secrets and related data such as usernames, passwords, and email addresses are purged completely from the database, while stillproviding an audit trail to meet documentation andcompliance requirements.

After a third-partyengagement with a privileged user is completed, removingsecrets and related data is a best practice, said JasonMitchell, Senior Vice President of Engineering atThycoticCentrify. Our latest release of Secret Serveradds this important capability with Secret Erase,prioritising both security and compliance. Now ITadministrators can rest a little easier knowing no historicor unnecessary credentials are left available for cybercriminals to exploit and gain privilegedaccess.

SSH management forUnix/Linux

An accurate record of all SSH keysis essential to properly secure them. Locating and trackingSSH public keys can be an arduous task for ITadministrators. To save time and effort, Secret ServersDiscovery tool now includes the ability to locate existingSSH keys associated with Linux and Unix servers. AdditionalSSH session management capabilities in the release simplifysudo/su elevation and enable select command blocklistingduring SSH proxied sessions.

Usable securityfor greater productivity

The onslaught ofdaily alerts and notifications can be fatiguing for manyusers. With so much noise, its difficult to digestinformation quickly and understand which notificationsrequire action. To reduce alert fatigue, Secret ServersInbox now provides a customisable toolset to manage howemail and notifications are sent and received by users.Inbox allows for configuration of notification scheduling,collecting notifications into digest format, creation ofmessage templates, rules, and more.

Organisations cantest drive the latest version of Thycotic Secret Server forfree at https://thycotic.com/products/secret-server/.

ThycoticCentrify is a leading cloudidentity security vendor, enabling digital transformation atscale. ThycoticCentrifys industry-leading privilegedaccess management (PAM) solutions reduce risk, complexity,and cost while securing organisations data, devices, andcode across cloud, on-premises, and hybrid environments.ThycoticCentrify is trusted by over 14,000 leadingorganisations around the globe including over half of theFortune 100, and customers include the worlds largestfinancial institutions, intelligence agencies, and criticalinfrastructurecompanies.

Scoop Media

Become a member Find out more

Go here to read the rest:
ThycoticCentrify Enhances DevOps Security with Certificate-Based Authentication and Configurable Time-to-Live for All Cloud Platforms | Scoop News -...