DEVOPSdigest

Opsera announced its technology partnership with HashiCorp, a provider of multi-cloud infrastructure automation software.

Opsera offers customers the choice to use a dedicated instance of HashiCorp Vault provisioned in their own data-plane, or to "bring their own Vault" by connecting Opsera's platform with existing HashiCorp Vault instances.

HashiCorp Vault provides the foundation for modern multi-cloud security. It is purpose-built in the cloud era to authenticate and access different clouds, systems, and endpoints, and centrally store, access, and deploy secrets (API keys, credentials, etc). It also provides a simple workflow to encrypt data in flight and at rest.

Opsera's Continuous Orchestration platform for DevOps helps engineers provision or integrate CI/CD tools of choice from a common architectural framework and was designed with layered security measures to ensure peace of mind. Opsera architected its platform by separating a multi-tenant "control plane" SaaS infrastructure from all customer data by deploying customer-dedicated Virtual Private Clouds (VPCs) for each customer, and keeping all tools, processes, data, configurations, observability, and secrets in a dedicated VPC.

HashiCorp Vault lets users secure, store and tightly control access to tokens, passwords, certificates,and encryption keys for protecting secrets and other sensitive data. Opsera's SaaS platform can provision and scale a HashiCorp Vault instance on behalf of each customer. Customers can also integrate their own managed Vaults with Opsera to centrally manage keys, secrets, tokens and certificates, as well as the policies and standards for their CI/CD pipelines.

Opsera's platform can manage the lifecycle of the Vault infrastructure within a customer's dedicated VPC providing several layers of separation and defense. This technology integration removes friction by creating a centralized and standardized secrets store to reduce the risk of a breach due to secrets sprawl and streamline security operations. The result is unparalleled security tactics for secrets and private key material but allows the flexibility for approved end users to access them through the tools and technologies they're already using today.

"Security is a top priority and challenge for any company using SaaS, especially when entrusting an externally hosted platform with the keys to their mission-critical infrastructure," said Kumar Chivukula, CTO and co-founder of Opsera. "With the technology integration with HashiCorp Vault, we are pleased to offer customers choice and flexibility when it comes to protecting their secrets. This partnership helps our customers integrate the secrets seamlessly into their software delivery (CI/CD workflows, tool chain automation and cloud services etc.) and strengthens our ongoing mission to keep customers' data as secure as possible."

"With widespread usage of multi-cloud and CI/CD pipelines to deliver software, businesses need to store data in multiple locations simultaneously, presenting challenges in centrally managing and controlling access to secrets," says Asvin Ramesh, Senior Director, Technology Partners at HashiCorp. "With HashiCorp Vault, customers maintain full control of their secrets by using their own managed Vault instance to give role-based access to secrets spread across various cloud storage providers, data centers, while also keeping detailed access logs. Opsera, with its 'bring your own Vault' feature, makes it possible for customers to securely access private key material across all of the tools and CI/CD pipelines for software delivery."