Secure DevOps is the concept of integrating security into every aspect of the DevOps-based software delivery process. Centrify provides a set of solutions designed to enable companies to securely build and deploy applications using DevOps practices. These solutions centralize and automate access controls to developer toolchains and underlying infrastructure, enhance application security, and enable logging and auditing of privileged activity.
Access and Privilege Management
Control Access to AWS Console and Command Line Interface
- Vault the password for the AWS root account and enforce Multi-Factor Authentication (MFA) to gain access to the AWS Console.
- Grant temporary access to AWS through the AWS Console or the AWS Command Line Interface (CLI) for federated users.
- Leverage any connected directory source including Active Directory, LDAP, Google Directory, or the Centrify Cloud Directory to control AWS access and privileges.
Manage Access to DevOps Tools
- Authenticate users to HashiCorp Vault against any connected directory source including Active Directory, LDAP, Google Directory, or the Centrify Cloud Directory, whether you deploy the Vault on-premises, in a DMZ, or in the AWS cloud.
- Simplify partner, vendor, and temporary employee access to application development environments with federated identity management.
Secure Container Architectures
- Centrally manage user access rights and privileges to Linux Docker hosts, including hosts running CoreOS Container Linux.
- Implement Multi-Factor Authentication (MFA) and temporary privilege escalation to gain access to individual containers and container hosts.
- Enable granular privilege management at the container platform and the container operating system layers across your development environments.
Enhance Application Security
Manage Privileged Accounts
- Securely store and rotate credentials for privileged system and service accounts.
- Automate application access to privileged service accounts by replacing passwords within your code with a script requesting password checkout.
- Ensure only trusted applications can request privileged account credentials by identifying and validating system accounts prior to password retrieval.
- Centrally store passwords, API keys, tokens, and encryption keys for users and applications.
- Require Multi-Factor Authentication (MFA) to gain access to the secrets store.
- Log and review recent activity for stored secrets, including who accessed or modified your secrets and when.
- View information about the secrets you have stored based on the criteria in which you are interested. For example, you can generate a report of the secrets that have been recently replaced.
Activity Logging and Auditing
- Capture detailed session logs and gain visibility into administrative actions taken on your containers and container hosts.
- Log user and service account access to HashiCorp Vault and analyze administrative actions taken on stored secrets.