SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Delinea updates DevOps security, remote access more seamless
Thu, 29th Sep 2022
FYI, this story is more than a year old

Delinea, a provider of Privileged Access Management (PAM) solutions for seamless security, has announced the latest release of DevOps Secrets Vault, its high-speed vault for DevOps and DevSecOps teams. 

New enhancements include development support on the most recent Mac computers and improved secrets management usability through automation, intended to reduce development time and increase visibility. 

According to a 2022 Crowdstrike report, 80% of cyber attacks involve stolen credentials, and in late 2021 Gartner listed managing machine identities as one of the top five cybersecurity and risk trends.

Delinea strives to reduce the risk of using hardcoded credentials in applications and services by dynamically injecting secure credentials with Just-in-Time access from DevOps Secrets Vault.

With added support for the M1 chip, developers coding on the latest Macs can now benefit from using DevOps Secrets Vault's command line interface (CLI) and the DSV Engine (an agent supporting dynamic database secrets) as part of their toolset. Building upon its focus on seamless usability, Delinea continues to reduce friction that commonly arises when securing sensitive secrets and credentials, especially in fast-paced DevOps environments.

Both the CLI and graphical interface receive continual usability and flexibility enhancements, allowing developers to work seamlessly in their preferred interface with their preferred tools while helping organisations decrease the risk of compromised credentials.

New features added to both interfaces include expanded support for security information and event management (SIEM) functionality. There’s also a certified Ansible plugin for use on Ansible Automation Hub. In addition, there are enhanced authentication methods. 

“The exponential growth of machine identities as applications are modernised and architected as micro-services continues to place organisations at increased risk,” says Jason Michell, Senior Vice President of Engineering at Delinea. 

“Delinea's ongoing focus on making security seamless for developers is reflected in these recent enhancements, enabling them to use DevOps Secrets Vault to dynamically insert credentials in their code, in line with security best practices.”

Delinea also announced new and expanded capabilities for Connection Manager, its secure remote access management solution.

With a continued focus on providing flexibility and reducing friction, these expanded capabilities are also designed to reduce the risk of threats like ransomware. 

According to the Verizon 2022 Data Breach Investigations Report, compromised credentials are the leading attack path and increasingly result in ransomware attacks, which have grown 13% in the last year and are now 25% of total security breaches.

The newly expanded features of the Connection Manager provide customers with the flexibility to use their Security Assertion Markup Language (SAML) Identity Provider with the browser of choice when initiating remote access sessions through Secret Server, Delinea's vault solution.

The best security practices recommend using SAML in conjunction with vaulted credentials and multi-factor authentication to access resources and applications. This reduces the risks of lateral movement and compromised credentials that can lead to ransomware attacks. 

The extended features of Connection Manager make it easier for customers to use this workflow, enabling them to minimise repeat logins while retaining the benefits of SAML single sign-on (SSO), which reduces friction and increases usability and productivity.