Thycotic, a provider of privileged access management (PAM) solutions for more than 12,500 organizations worldwide, including 25 percent of the Fortune 100, today announced enhancements to their PAM solution for DevOps, DevOps Secrets Vault. The latest release helps DevOps teams harden their cloud attack surface through Encryption-as-a-Service technology, which automatically encrypts data for all applications.
DevOps Secrets Vault generates just-in-time, dynamic secrets that automatically expire when cloud platform administrators, developers, applications, or databases need to access a target. Even if these ephemeral secrets are leaked, any would-be attacker is limited in what they can do and has a limited window in which to do it. This high-speed secrets management helps eliminate friction within existing workflows and the need for developers to hardcode secrets or store them in external libraries.
Cloud security demands PAM designed for the cloud
Cloud growth has increased privileged accounts and credentials to a state that’s unmanageable without automated processes. As enterprises become more reliant on the cloud for infrastructure, application development, and business process automation, Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), Software-as-a-Service (SaaS), and DevOps toolchains are vulnerable to privileged account attacks.
According to the most recent Verizon Data Breach Report, more than 77 percent of cloud breaches involve compromised credentials. In fact, 80 percent of organizations operating in the cloud experience at least one compromised account each month, stemming from external actors, malicious insiders, or unintentional mistakes, reports McAfee.
A multi-layered approach to cloud security
DevOps Secrets Vault is available as a standalone vault for organizations with existing PAM solutions and within Thycotic’s Cloud Automation Bundle, a single package of Thycotic’s integrated cloud PAM solutions.
Even with multiple business and technical functions utilizing different types of cloud resources, Thycotic provides a consolidated view of privileged access across an entire organization so IT security teams can manage privileges according to consistent policies. Automation and simple, policy-based controls replace time-consuming, error-prone manual privilege management.
“These latest updates contribute to an even more comprehensive solution that we’ve built into the cloud automation bundle,” says Thycotic Vice President of Product, Jai Dargan. “With the need for cloud security skyrocketing, enterprises can now address these new use cases more efficiently with an integrated solution.”