DEVOPSdigest

Keyfactor announced DevOps integrations with automation and containerization providers Ansible, Docker, HashiCorp, Jenkins and Kubernetes to offer security-first services and solutions designed to seamlessly integrate with existing enterprise tools and applications.
 
“DevOps has radically improved agility and application delivery in organizations large and small,” said Ted Shorter, CTO and co-founder at Keyfactor. “Yet new DevOps processes and tooling have struggled to align security within workflows - software security typically takes more time than DevOps-centered software delivery cycles allow.”
 
A rise in cryptographic-based attacks, like last year’s ASUS attack, exploit third-party software and its digital certificates, allowing attackers to connect to sensitive backend systems or push malware through updater tools. Recent research indicates a 39% likelihood that organizations will experience a similar server certificate or key misuse incident over the next two years.

Digital certificates have long played an integral — if not routine — role in DevOps workflows, securing authentication across users, devices and applications. The secure identities the certificates establish reinforce key DevOps practices within infrastructure, pipeline, code and microservices integration, thereby bridging the DevSecOps gap and the ability to mitigate security risk.
 
“Our mission is to help DevOps teams establish critical trust at design through comprehensive and complete cryptographic management,” said Shorter. “We want to make it easy to apply cloud-first, crypto-agility at scale to ensure all connections — especially those critical to business and human life — are trusted.”
 
Keyfactor offers cloud-hosted PKI-as-a-Service infrastructure through integrated certificate and key management, secure signing and secure IoT device design. The platform provides discovery, integration and orchestration capabilities, enabling teams to gain complete crypto-agility, extensibility and visibility.