This whitepaper addresses questions raised by security leaders that want to better understand their organization’s development environments, the risks development tools expose and the best practices and approaches for securing them, across the software supply chain. Three focus areas are examined which address how security leaders can secure developer endpoints, the applications being developed, as well as the tool and admin consoles used to run CI/CD pipelines and development environments. Each provide best practices and practical steps, including how to achieve developer adoption, and are based on customer and deployment examples.
Recommended for You
34:54The New Frontline of Securing Non-Human Identities in the Cloud
Watch how to protect and securely deploy your secrets in a multi-cloud world.
CyberArk 2023 Identity Security Threat Landscape Infographic
Identity-led cybersecurity exposure is on the rise.
CyberArk 2023 Identity Security Threat Landscape Report
AI Tool Use, Employee Churn and Economic Pressures Fuel the Identity Attack Surface
31:544 Key Steps to Eliminate Vault Sprawl Across AWS Applications
How CyberArk and AWS provide simple and effective secrets management.
25:33DevOps Tools are the Weak Link for Software Supply Chain Security: Here’s a Fix
Puppet, Chef, Ansible, and others are great for developers but pose serious risk.
30:30Are These The Droids You’re Looking For - Bringing Balance to Application Identities
If the entire security industry warped into a Galaxy Far, Far, Away, are we wrong to think that Identity Security would be the force that surrounds us?
30:53Secrets Management Essentials for Developers
While the concept of secrets management is not new, it has evolved significantly over the years, especially with the shift from static to dynamic applications and increasingly distributed teams.
Secrets Management: Meeting Developers Where They Are
There’s always a balancing act when it comes to building and deploying cloud-native applications in environments like Amazon Web Services (AWS). The whole point of moving production to the cloud...
Securing Non-human Identities and Managing Secrets in Multi-cloud Environments
Learn how SaaS-based secrets management can help security teams quickly secure secrets and non-human across multi-cloud environments.
Deconstructing Identity Security
Most companies now recognize the serious and insidious nature of cybersecurity threats. But many fail to grasp that the digital transformation, remote work, automation and cloud migration...
Post-CircleCI Breach, Focus on Identity Security Strategy
When news of the recent CircleCI breach broke, developers everywhere scrambled to rotate tokens and remove hardcoded secrets stored in the popular CI/CD platform to minimize their exposure. Now...
37:47Can SaaS Deliver Nirvana for Overtaxed Security Teams?
Developers want security solutions that don't slow them down - why are SaaS based secrets management solutions the answer for overtaxed security teams?
How to Secure Secrets in Multi-cloud Environments
It wasn’t too long ago that using a single cloud for some business operations was cutting-edge technology. Now the cloud is essential for accelerating growth, improving efficiency and remaining...
How Identity Security Addresses Key DoD Zero Trust Requirements
The U.S. Department of Defense (DoD) is going all in on Zero Trust. In late 2022, the Pentagon released its long-anticipated Zero Trust strategy and roadmap for migrating “trusted” perimeter-based...
47:51Securing Application Identities in 2023: Five Trends And A Prediction
Join Kurt Sand, General Manager of DevSecOps at CyberArk, as he sits down with The Reg’s Tim Phillips to discuss the top emerging trends in the DevSecOps space, along with one big future prediction.
CircleCI Breach Exposes Risk of Hard-coded Secrets
The recent CircleCI breach highlights the risk of storing secrets in places like private code repositories (GitHub), scripts, configuration files, files encrypted at rest, CI/CD pipeline code or...
28:21Disruptive DevSecOps 2022 - DevOps for Better Security
Agencies are continuously updating their software development lifecycles and IT operations. It’s critical for them to maintain a short timeframe during this process to improve workflows.
KuppingerCole Leadership Compass Report for CIEM & DREAM
KuppingerCole Analyst Report recognizes the CyberArk Identity Security Platform for strengths in PAM, Cloud Security, least privilege access / CIEM, Secrets Management and just-in-time access.
Secrets Hub
Enabling organizations using AWS Secrets Manager to gain all the advantages of centralized secrets management with the same developer experience.
NIST Secure Software Development Framework (SSDF) Guidance for Identity Security
Learn how the CyberArk Identity Security Platform can help you meet the NIST Secure Software Development Framework guidance.
