Virtualization Technology News and Information
Keyfactor Announces DevOps Integrations to Address Identity and Access Management Security Risk
Keyfactor today announced DevOps integrations with automation and containerization industry leaders Ansible, Docker, HashiCorp, Jenkins and Kubernetes to offer security-first services and solutions designed to seamlessly integrate with existing enterprise tools and applications. 

"DevOps has radically improved agility and application delivery in organizations large and small," said Ted Shorter, chief technology officer and co-founder at Keyfactor. "Yet new DevOps processes and tooling have struggled to align security within workflows - software security typically takes more time than DevOps-centered software delivery cycles allow."

A rise in cryptographic-based attacks, like last year's ASUS attack, exploit third-party software and its digital certificates, allowing attackers to connect to sensitive backend systems or push malware through updater tools. Recent research indicates a 39% likelihood that organizations will experience a similar server certificate or key misuse incident over the next two years.

According to research firm Gartner Inc., "proper secrets management, including certificate and key management, is crucial to security agile applications."

Digital certificates have long played an integral - if not routine - role in DevOps workflows, securing authentication across users, devices and applications. The secure identities the certificates establish reinforce key DevOps practices within infrastructure, pipeline, code and microservices integration, thereby bridging the DevSecOps gap and the ability to mitigate security risk.

"Our mission is to help DevOps teams establish critical trust at design through comprehensive and complete cryptographic management," said Shorter. "We want to make it easy to apply cloud-first, crypto-agility at scale to ensure all connections - especially those critical to business and human life - are trusted."

Keyfactor offers cloud-hosted PKI-as-a-Service infrastructure through integrated certificate and key management, secure signing and secure IoT device design. The platform provides discovery, integration and orchestration capabilities, enabling teams to gain complete crypto-agility, extensibility and visibility.
Published Tuesday, January 21, 2020 8:46 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2020>