Puppet and CyberArc combine to improve DevOps workflows

Puppet and CyberArc announced their partnership last week, as they “strive” to embed security modules into DevOps workflows, according to SecurityBriefNZ.

The two companies plan to create supported modules, providing automated, enterprise-grade protection.

Dynamic DevOps environments involve the creation, use and disablement of many tools, scripts and applications or services, according to CyberArk.

SSH/API keys, passwords and certificates they use are often disturbed, which can cause applications to not run properly.

The accounts also provide access to sensitive resources, which makes them vulnareable to cyber attacks.

Puppet’s vice-president of business development, Tim Zonca, said to SecurityBriefNZ: “The integrated solution provides security with a strong authentication mechanism for machines before granting secrets, as well as implementing least privilege for nodes.”

While assuring security teams that best practices are being applied to dynamic environments, the partnership also allows DevOps teams to integrate security best practices into cloud-native application development projects.

Written by Leah Alger