Strengthen and Simplify Container and DevOps Security with CyberArk Conjur Enterprise V5
July 17, 2018 | DevOps | Chris Smith
Today we’re excited to announce CyberArk Conjur Enterprise V5 and also a new Vault Synchronizer as part of our commitment to strengthen and simplify security for DevOps and container environments. The V5 release adds new enterprise-class features and capabilities to the Conjur platform, which benefits security teams, operations and developers. For example, it is now easier for developers to migrate from Conjur Open Source to Conjur Enterprise. Conjur Enterprise now includes all of the integrations with container platforms and the CyberArk Vault offered earlier this year, as well as various performance improvements and enhancements.
New features in V5 include:
- New capability to improve AWS workload security: CyberArk Conjur utilizes the native capabilities of AWS identity and access management (IAM) roles for strong authentication, while using Conjur for policy-based authorization. This enables developers and security teams to avoid re-work and any impact on velocity by enabling Conjur-defined policies to be applied to already defined AWS IAM roles. Conjur now authenticates to any of the AWS Principles, including AWS Elastic Compute Cloud (EC2), AWS Elastic Container Service (ECS) instances, AWS Auto Scaling and Lambda functions. This new capability is available for both Conjur Enterprise and Open Source, enabling organizations using AWS and CyberArk to more securely manage access policies across AWS, hybrid, multi-cloud and CI/CD pipelines.
Simplified transition from open source to enterprise: Conjur Enterprise V5 leverages all of the powerful features and integrations initially developed for Conjur Open Source.
- New capabilities previously available via Conjur Enterprise are now available also via Conjur Open Source. For example, Kubernetes and Red Hat OpenShift integrations are all available for both versions of Conjur.
- Conjur Enterprise V5 also enhances various enterprise-class capabilities including streamlining policy loading and policy management, improving master cluster performance and improved auditing features that use the industry-standard RFC 5424 protocol.
Importantly, as we’ve made multiple updates and enhancements to Conjur Enterprise over the past few months, here is a brief recap of some of the integrations:
- Strong container security: V5 includes all the recently offered integrations with leading container platforms – including Kubernetes, OpenShift, Pivotal Cloud Foundry and Cloud Foundry. Each integration takes advantage of the container platform’s native authentication capabilities and CyberArk’s robust security and policy capabilities. This makes it easier for developers to more securely deliver secrets and other credentials in any of the leading container environments.
- Consistently managing secrets and credentials across the entire enterprise: Together with the new Synchronizer, the V5 release improves the performance and expands the integration with the CyberArk Enterprise Password Vault. The integrated solution automatically replicates secrets between the CyberArk vault, CyberArk Conjur and any container platform or native DevOps tool integrated with CyberArk Conjur. Now with the various integrations, enterprises can manage secrets in container platforms using the same policies already established in the CyberArk Vault and applied across the enterprise. Customers gain a simplified, consistent end-to-end secrets management solution that can extend to every compute and development platform, including native tools and container platforms integrated with Conjur.
Improvements in the latest release of Conjur Enterprise demonstrate CyberArk’s continued commitment and investment in the DevOps space with the enterprise-class capabilities of Conjur Enterprise, while making the Open Source version feature rich and easily accessible to developers. It was exciting to see all the interest from our customers at the DevOps sessions at CyberArk IMPACT in Europe, just last week, and now at the training sessions at IMPACT Americas. If you haven’t already, we encourage you to reach out to the Systems Engineer assigned to your organization to learn more about Conjur, encourage your developers to try Conjur Open Source, or reach out to sales to schedule a DevOps workshop or for more information.
- To learn more about CyberArk Conjur, visit: https://www.cyberark.com/conjur
- To learn more about Conjur support for specific container platform and AWS integrations, visit: https://docs.conjur.org/
- A new white paper is available “Securing DevOps Environments in the Enterprise with CyberArk Conjur” from com/Resources
- You can also take a Conjur Open Source tutorial by registering here for the hosted demo. Everyone that registers also receives our new DevOps newsletter.