Thycotic Releases New Version of DevOps Secrets Vault
June 08, 2020

Thycotic revealed a new just-in-time functionality that ensures security of cloud platform access.

The new release of Thycotic's DevOps Secrets Vault solution supports dynamic secrets creation for infrastructure-as-a-service (IaaS) platforms Amazon Web Services (AWS), Microsoft Azure (Azure) and Google Cloud Platform (GCP).

With DevOps Secrets Vault, dynamic secrets are automatically generated at the time of request and can be used when a user or resource, like a configuration tool, needs a credential but that access needs to expire after a set time. Dynamic secrets also enable fine-grained authorization through cloud policies. Limiting the scope of what the secret can do and the timeframe that the credential is valid greatly reduces any value of the secret to an attacker.

"The exponential growth of hybrid multi-cloud adoption is continuing to stress-test existing security models and conventional approaches to Privileged Access Management," said Jai Dargan, VP of Product Management at Thycotic. "We know that organizations will migrate workloads to AWS, Azure, and GCP at record speed this year, so CISOs need to do everything they can with the available solutions they have to limit risk associated with secrets proliferation. DevOps Secrets Vault is a cloud-based vault that balances the security and velocity that DevOps teams require for this growing part of the enterprise attack surface. With dynamic secrets, we have added a just-in-time approach to secrets management that further reduces the risk of compromised credentials."

DevOps Secrets Vault enables organizations to adopt enterprise-class secrets management for DevOps pipelines. The complexity and variety of tools within these pipelines require centralized management of privileged access to maintain security, unify privileged access management, and control costs.

Utilizing a cloud-based AWS architecture, DevOps Secrets Vault offers rapid deployment, elastic scalability, and is purpose-built to handle the high-speed secrets management needs of the most dynamic DevOps environments.

DevOps Secrets Vault now supports secrets access for Chef and Puppet and includes software development kits (SDKs) for Ruby and .NET. DevOps Secrets Vault also integrates with Jenkins, Kubernetes, Terraform, and Ansible, and includes SDKs for Java, Go, and Python.

Users can authenticate to DevOps Secrets Vault through AWS, Azure, GCP, and Thycotic One methods. GCP support includes the ability to authenticate via service and user accounts, Google Compute Engines (GCE) and Google Kubernetes Engines (GKE). Thycotic One enables single sign-on and two-factor authentication via both TOTP and SMS methods.

Share this

Industry News

April 14, 2025

LambdaTest announced the launch of the HyperExecute MCP Server, an enhancement to its AI-native test orchestration platform, HyperExecute.

April 14, 2025

Cloudflare announced Workers VPC and Workers VPC Private Link, new solutions that enable developers to build secure, global cross-cloud applications on Cloudflare Workers.

April 14, 2025

Nutrient announced a significant expansion of its cloud-based services, as well as a series of updates to its SDK products, aimed at enhancing the developer experience by allowing developers to build, scale, and innovate with less friction.

April 10, 2025

Check Point® Software Technologies Ltd.(link is external) announced that its Infinity Platform has been named the top-ranked AI-powered cyber security platform in the 2025 Miercom Assessment.

April 10, 2025

Orca Security announced the Orca Bitbucket App, a cloud-native seamless integration for scanning Bitbucket Repositories.

April 10, 2025

The Live API for Gemini models is now in Preview, enabling developers to start building and testing more robust, scalable applications with significantly higher rate limits.

April 09, 2025

Backslash Security(link is external) announced significant adoption of the Backslash App Graph, the industry’s first dynamic digital twin for application code.

April 09, 2025

SmartBear launched API Hub for Test, a new capability within the company’s API Hub, powered by Swagger.

April 09, 2025

Akamai Technologies introduced App & API Protector Hybrid.

April 09, 2025

Veracode has been granted a United States patent for its generative artificial intelligence security tool, Veracode Fix.

April 09, 2025

Zesty announced that its automated Kubernetes optimization platform, Kompass, now includes full pod scaling capabilities, with the addition of Vertical Pod Autoscaler (VPA) alongside the existing Horizontal Pod Autoscaler (HPA).

April 08, 2025

Check Point® Software Technologies Ltd.(link is external) has emerged as a leading player in Attack Surface Management (ASM) with its acquisition of Cyberint, as highlighted in the recent GigaOm Radar report.

April 08, 2025

GitHub announced the general availability of security campaigns with Copilot Autofix to help security and developer teams rapidly reduce security debt across their entire codebase.

April 08, 2025

DX and Spotify announced a partnership to help engineering organizations achieve higher returns on investment and business impact from their Spotify Portal for Backstage implementation.

April 07, 2025

Appfire announced its launch of the Appfire Cloud Advantage Alliance.