In this 1-minute video we will take you through the DevOps Security considerations related to DevOps Tools and how secrets managements tools like CyberArk Application Access Manager and Conjur can help. In the dynamic DevOps environment, CI/CD scripts, applications, and microservices are continuously created, executed, and disabled. Each CI/CD tool relies on authentication secrets, which are scattered across physical and virtual machines, and too often hard-coded into application code and playbooks, making them nearly impossible to track and manage.
Worse still, credentials are often issued by build team members, independently of the security organization. Secrets often remain unchanged for months or even years after release. Former employees, contractors and development partners often maintain access to critical applications and systems long after termination, exposing the business to security breaches, malicious attacks and confidential data theft.