Secure your application development environments by controlling access to your developer tools and infrastructure, enhancing application security, and auditing privileged activity.
What is Secure DevOps?
Secure DevOps is a concept of integrating security into every aspect of DevOps-based software delivery process. Centrify provides a set of solutions designed to enable companies to securely build and deploy applications using DevOps practices. These solutions centralize and automate access controls to developer toolchains and underlying infrastructure, enhance application security, and enable logging and auditing of privileged activity.
Centrally control access rights and privileges for your development environments, tools, apps, and underlying infrastructure
Lock down privileged service and system accounts, store and manage secrets, and enable secure communication between applications, containers, and microservices
Automatically log, monitor, and audit administrative activity in your development and production environments
Secure DevOps Solutions by Centrify
Centrify provides solutions that help you practice Secure DevOps at your company. These solutions help your developer, security, and operations teams manage access to complex development environments, enhance application security, and provide auditable logs of privileged activity.
Access and Privilege Management
Control Access to AWS Console and Command Line Interface
- Vault the password for the AWS root account and enforce Multi-Factor Authentication to gain access to AWS Console.
- Grant temporary access to AWS through AWS Console or AWS Command Line Interface (CLI) for federated users.
- Leverage any connected directory source including Active Directory, LDAP, Google Directory, or the Centrify Cloud Directory to control AWS access and privileges.
Manage Access to DevOps Tools
- Authenticate users to HashiCorp Vault against any connected directory source including Active Directory, LDAP, Google Directory, or the Centrify Cloud Directory whether you deploy the Vault on-premises, in a DMZ, or in the AWS cloud.
- Control access to your GitHub resources and web-based developer tools by using SAML single sign-on.
- Simplify partner, vendor, and temporary employee access to application development environments with federated identity management.
Secure Container Architectures
- Centrally manage user access rights and privileges to Linux Docker hosts, including hosts running CoreOS Container Linux.
- Implement Multi-Factor Authentication (MFA) and temporary privilege escalation to gain access to individual containers and container hosts.
- Enable granular privilege management at the container platform and the container operating system layers across your development environments
Enhance Application Security
Manage Privileged Accounts
- Securely store and rotate credentials for privileged system and service accounts.
- Automate application access to privileged service accounts by replacing passwords within your code with a script requesting password checkout.
- Ensure only trusted applications can request privileged account credentials by identifying and validating system accounts prior to password retrieval.
Secure Service to Service Communication
- Enable containerized applications to securely access other network resources by leveraging Kerberos, SAML, or OAuth authentication.
- Apps running in a container to talk to AWS-hosted services.
- Use SAML or OAuth for one service to another one.
- Centrally store passwords, API keys, tokens, and encryption keys for users and applications.
- Require Multi-Factor Authentication (MFA) to gain access to the secrets store.
- Log and review recent activity for stored secrets, including who and when accessed or modified your secrets.
- View information about the secrets you have stored based on the criteria in which you are interested. For example, you can generate a report of the secrets that have been recently replaced.
Enable Build-in App Security
- Authenticate users, customers, and partners into your apps by integrating Centrify Identity Management solution
- Easily implement additional multi-factor authentication requirements through SMS, voice call, security question, email, single-tap one-time passcode, or automated push notification to mobile devices.
Activity Logging and Auditing
- Capture detailed session logs and gain visibility into administrative actions taken on your containers and container hosts.
- Log user and service account access to HashiCorp Vault and analyze administrative actions taken on stored secrets.
Centrify Identity Platform
Protect against the leading cause of cyberthreats — compromised credentials — with a complete set of solutions to secure the modern enterprise.
- All Users: Employees, contractors, privileged users, partners, customers
- All Apps: Cloud or on premises
- All Resources: Network infrastructure, outsourced IT, Mac and mobile devices