CyberArk Launches Open Source Secrets Management Solution for DevOps

Chennai, India – September 7, 2017 – CyberArk (NASDAQ: CYBR), the undisputed leader in Privileged Account Security and company that protects organizations from cyber attacks across the enterprise, into the cloud and throughout the DevOps pipeline, today announced the availability of an open source version of CyberArk Conjur. CyberArk Conjur enables DevOps teams to automatically secure and manage secrets used by machines and users to protect containerized and cloud-native applications across the DevOps pipeline.

Withincreased DevOps adoption comes an expanding attack surface with an exponentialset of secrets that insiders and malicious external threat actors can misuse,target and exploit. With CyberArk Conjur, DevOps teams gain the simplicitythey need to incorporate security best practices into workflows. Secretsmanagement is easily embedded into the CI/CD process through certifiedintegrations with leading developer toolsets. The open source version ofCyberArk Conjur is now available for download from  and GitHub

“Developerstend to believe that security in development slows them down. ContinuousIntegration, DevOps practices and automation improves agility, but alsointroduces security risks, such as storing secrets in source code repositoriesor leaving credentials sitting around on disk,” said Adrian Lane, CTO,Securosis. “DevOps does not mean we need to capitulate on build security; quitethe contrary. We need to automate secrets management into the process as well,and create an audit trail to prove we're delivering code and servicessecurely.” 

CyberArkConjur is the only platform-independent secrets management solution specifically architectedfor securing containers and microservices. It can be deployed to any cloud oron-premises environment and supports massive scale. This solutionallows DevOpsteams to integrate security best practices into their cloud-native applicationdevelopment projects with ease, while giving security teams assurance thatsecurity and compliance best practices are being applied to these dynamicenvironments, without creating new security silos. 

“JFrog usesCyberArk Conjur to secure our cloud infrastructure in order to build anddeliver DevOps software like Artifactory and Bintray,” said Yoav Landman,co-founder and CTO, JFrog. “JFrog and open source go way back to when welaunched the company in 2008 through today where we are providingfree repositories and distribution services to millions of open sourcedevelopers. As a customer, we are pleased to see that CyberArk is making a highquality open source version of Conjur available to the community.” 

ExpandingUse of Open Source and the Path to More Secure DevOps Adoption

Accordingto 451 Research, there is a clear and quantitativerelationship between adoption of open-source software and DevOps success.However, there is a gap in the tools available via the open source community tosecure applications leveraging new architectures based on containers andmicroservices. Many of these tools are exceedingly complex to deploy and createunmanaged security islands. As the market leader and innovator in Privileged Account Security, CyberArk is uniquely qualifiedto contribute to better security tooling that sets a new industry standard forsecrets management, enabling customers to move to a DevOps delivery model thatreduces risk without impacting velocity. 

“Companiesembracing digital transformation are adopting DevOps methodologies and thecloud to bring new services to market at velocity, and open source andcommunity-driven development has become the dominant paradigm,” said ElizabethLawler, vice president, DevOps security, CyberArk. “Conjur has benefited andcontributed to the open source community throughout its history, so makingConjur available via open source is an opportunity for CyberArk to share itsexpertise for the betterment of cybersecurity globally.” 

CyberArkConjur enables organizations, regardless of where they are in their DevOpsjourney, to integrate secrets management and machine identity security intotheir projects with minimal effort. For customers that require enterprisefeatures or integration with the CyberArk Privileged Account Security Solution, CyberArkoffers a seamless upgrade path from the open source version to CyberArk ConjurEnterprise. 

KeyResources and Actions:

Additionally,CyberArk’s Elizabeth Lawler is delivering a keynote, “This (DevOps) Changes Everything. Or Not?,” at DevSecConBoston, September 12, 2017 at 9:30 a.m. EDT.

  (0)   Comment