SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Delinea unveils newest features of DevOps Secrets Vault
Tue, 20th Dec 2022
FYI, this story is more than a year old

Delinea has revealed the newest release of its DevOps Secrets Vault.

The latest features in the release include Bring Your Own Key (BYOK), GitHub action integration, and user interface improvements.

These elements are said to provide developers with enhanced flexibility and additional credential security controls when connecting application layers across cloud infrastructure.

Delinea says DevOps Secrets Vault provides developers with a secure and consistent method for securely injecting secrets, otherwise known as credentials, into their applications and services with just-in-time access and without exposing them.

The development comes at a time when, according to a 2021 Forrester survey commissioned by Delinea, 57% of respondents experienced a security incident related to exposed secrets from insecure DevOps processes in the past two years. Furthermore, 62% expected these incidents to become more prevalent in the next two years.

Delinea says that because DevOps Secrets Vault now supports BYOK encryption key management for Amazon Web Services (AWS), customers will have complete control of the encryption key as they can use their existing AWS encryption key instead of the one provided within DSV. 

Customers can remove access to the key, preventing DevOps Secrets Vault from decrypting secrets which is useful when investigating a potential compromise. Complete control of the encryption key further reduces the risk of a compromise, even if a bad actor is able to access the vault.

This release is said to further strengthen security by integrating GitHub Action so that developers can securely fetch secrets from DevOps Secrets Vault for use in their GitHub workspace while continuing to code directly in GitHub with no disruption to their established workflows. 

With this integration, they no longer need to store credentials in their GitHub repository configuration, reducing the risk of compromised credentials.

“Many organisations are building strong DevOps practices to meet business needs and deliver better applications in less time,” says Phil Calvin, Chief Product Officer at Delinea. 

“Our continual updates to DevOps Secrets Vault provide developers with a more secure method for coding secrets, without impacting their productivity.”

Additional updates in the release include enhancements to the graphical and command line interfaces to improve usability and flexibility, allowing developers to continue to work in their preferred interface.

Delinea has expertise in privileged access management (PAM) solutions, with the company endeavouring to make security seamless for the modern, hybrid enterprise. The company’s solutions help organisations to secure critical data, devices, code, and cloud infrastructure to help reduce risk, ensure compliance and simplify security.