Most Read This Week
Venafi Makes It Easy for DevOps to Run Secure | @DevOpsSummit @Venafi #DevOps #ContinuousTesting
Venafi delivers the power of automated, secure TLS key and certificate lifecycle management for DevOps
By: Elizabeth White
Jul. 23, 2016 02:00 PM
Venafi Makes It Fast and Easy for DevOps to Run Secure
Venafi has extended the power of its platform in an easy-to-use utility for DevOps teams available for immediate download. Now DevOps teams can eliminate the hassle of acquiring and installing TLS keys and certificates. Instead, customers can focus on speeding up continuous development and deployment, while security teams have complete visibility and can keep the DevOps environment secure and compliant to protect customer data. Extending the Venafi Trust Protection Platform requires only a single line of code and works out-of-the box with leading automation, orchestration, and containerization platforms including Puppet, Chef, Docker, Terraform, Saltstack, and Ancible - on premise and in the cloud.
Gartner predicts 75% of organizations will run with Fast IT teams by 2017. As an important part of this strategy, DevOps allows IT teams to move to a continuous testing and development environment. This strategy improves customer experience and delivers new features faster. However, while DevOps can deliver significant benefits it can create significant risk.
TLS keys and certificates determine what can and can't be trusted on the internet, enabling software to communicate privately and preventing man in the middle, spoofing, and other trust-based attacks. DevOps approaches like orchestration and containerization increase the demand for near instantaneous availability of trusted TLS keys and certificates by an order of magnitude or more. Many developers take shortcuts when obtaining or using TLS keys and certificates – like using weak cryptographic methods, unknown, self-signed or duplicate keys, or unapproved certificate authorities (CAs) with little to no validation and oversight from IT security.
All of this makes it easier for attackers to look trusted or hide inside encrypted traffic. And the sheer volume of untrusted and unprotected certificates makes an outage from expired certificates an inevitability.
"Venafi research shows that 79% of CIOs believe that DevOps makes it more difficult to know what is trusted or not because of the chaos brewing with the use of TLS keys and certificates," said Kevin Bocek, Vice President of Threat Intelligence and Security Strategy at Venafi. "Security teams need to keep DevOps safe with easy-to-use automation that eliminates complexity. Using TLS keys and certificates is a great example: While DevOps teams generate at least 10x or more TLS keys and certificates, they take shortcuts or make poor security decisions that create vulnerabilities and make it easy for bad guys to look trusted. And, the rapid, uncoordinated growth in encrypted traffic makes security controls blind to attacks."
Venafi automates the complete secure lifecycle of TLS keys and certificates. DevOps doesn't need to worry about the details of how to get, install, and use keys and certificates. IT security policies are enforced and there's complete visibility. Only trusted keys and certificates are issued and any anomalies are detected quickly. DevOps teams now have the speed they need while IT security maintains control of security and privacy.
"Finding a way to provide security-at-speed is vital if we are to unlock the promise of DevOps," continued Bocek. "Venafi is helping IT security teams make it fast and easy for DevOps to use TLS keys and certificates. Venafi's introduction of new utilities for DevOps expands the power of Venafi's Trust Protection Platform. This is one more reason why Venafi is the leader in protecting SSL/TLS, SSH, and enterprise mobility keys and certificates for the Global 5000. Venafi's patented and proven platform is trusted by the world's leading banks, retailers, insurers, and governments to protect the trust and privacy keys and certificates provide."
@ThingsExpo - The World's Largest 'Internet of Things' Event, November 1-3, 2016, at the Santa Clara Convention Center!
All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades.
@CloudExpo / @ThingsExpo 2016 Silicon Valley
@CloudExpo / @ThingsExpo 2017 New York
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @CloudExpo | @ThingsExpo, November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be.
Register for @CloudExpo/@ThingsExpo 'FREE' Before Friday! ▸ Here
Track 1: Enterprise Cloud & Digital Transformation
Delegates to Cloud Expo | @ThingsExpo will be able to attend 9 simultaneous, information-packed education tracks.
There are over 120 breakout sessions in all, with Keynotes, General Sessions, and Power Panels adding to three days of incredibly rich presentations and content.
Join @CloudExpo | @ThingsExpo conference chair Roger Strukhoff (@IoT2040), June 7-9, 2016 in New York City, for three days of intense 'Internet of Things' discussion and focus, including Big Data's indispensable role in IoT, Smart Grids and Industrial Internet of Things, Wearables and Consumer IoT, as well as (new) IoT's use in Vertical Markets.
About SYS-CON Media & Events
Cloud Expo®, Big Data Expo® and @ThingsExpo® are registered trademarks of Cloud Expo, Inc., a SYS-CON Events company.
Subscribe to the World's Most Powerful Newsletters
Today's Top Reads