DEVOPSdigest

RevBits announced availability of its CI/CD Access Management module, further enhancing the RevBits Privileged Access Management solution.

Continuous integration and continuous delivery (CI/CD), enables software developers and DevOps teams to meet the high demands and dynamic requirements of users. These two combined methodologies create a CI/CD pipeline, enabling DevOps to deliver software updates more frequently and reliably. However, without enough oversight, or security as a key requirement, they come with potential security risks.

Building upon its technology leadership in the access management marketplace, RevBits has added, what Gartner considers, an advanced PAM feature to its solution. RevBits' PAM with CI/CD Access Management, expands the capabilities of system administrators to more fully manage and control secrets access.

"CI/CD Access Management was built to address the unique scalability and agility challenges associated with authenticating, authorizing, and auditing secrets within DevOps environments," said David Schiffer, CEO at RevBits. "As a module within our advanced PAM solution, CI/CD enables enterprises to reduce security and compliance risk associated with secrets sprawl, while improving productivity."

When DevOps create an app for a testing, staging, or production server, they often include secrets. These can be credentials or security keys, which authenticate data associated with an API, application, SSH, certificate, etc. RevBits secrets manager, can be audited and centrally managed to protect and control secrets.

"Using a secrets manager plugin within CI/CD environments is a more secure approach. Applying common DevOps tools, like Jenkins, Kubernetes, and others, developers can configure the variables, and associate them with the location and values they imputed for the secrets," said Mucteba Celik, CTO at RevBits. "By continuing to add to our PAM solution, with modules like CI/CD Access Management, RevBits continues to deliver the tools enterprises need to protect their valuable assets, networks, applications, and services."

RevBits CI/CD Access Management feature highlights

- RevBits secrets manager, can be audited and centrally managed to protect and control secrets.

- Keeps secrets encrypted and delivers them to CI/CD plugins when needed over SSL, with an additional layer of encryption that employs Diffie-Hellman to establish the secure key exchange.

- Supports Jenkins, Puppet, Terraform, OpenShift, Ansible, Docker, Cloud Foundry, and Kubernetes with future tools under development.