The senhasegura DevOps Secret Management (DSM) allows easy management of applications and secrets in a DevOps environment.
A secret is a set of sensitive information, such as credentials, cloud access keys or key/value pairs used in DevOps environments, which grants access to systems like databases, API servers, cloud services, and others. Developers and security teams often have difficulties managing this sensitive data in environments like CI/CD pipelines, Infrastructure as Code (IaC), automation tools such as Ansible and Puppet, or even when it is hard-coded inside application dependencies. The DevOps Secret Management module offers an easy-to-use way of managing secrets in those environments through a user-friendly interface, centralizing sensitive data in a secure and encrypted vault.
Applications inside senhasegura DSM allow administrators to create access segregation policies, where each application can have one or more Authorizations, each allowing access to specific Secrets. senhasegura DSM also automatically creates reports based on those applications, making it easy for auditors to search for specific data.
Authenticators provide a secure way to guarantee trust between different applications for the purpose of exchanging secrets and to manage applications, authorizations and related functions. The DevOps Secret Management module provides integration with the most used authenticators, as described in the following section.
DevOps Secret Management Authorizations allow administrators to define the access policies for application and secrets data. Those access policies provide configurations such as:
Dynamic provisioning
To provide a high level of security in elastic environments, senhasegura DSM allows automatic provisioning and deprovisioning of secrets on cloud providers, environments and systems such as databases, Windows and Linux servers, etc. This allows administrators to create a more secure secret management approach, where every application can have its secrets provisioned through Just-in-Time policies.
The DevOps Secret Management module allows administrators to set up automations for active life-cycle management of secrets in cloud secret management services such as Google Cloud Secret Manager, Azure Key Vault, AWS Secrets Manager, and others, as well as in Kubernetes environments, configuration files inside servers, etc.
CI/CD Reports
Using senhasegura DSM, administrators can easily discover environment variables running in CI/CD solutions such as GitLab, GitHub, Azure DevOps, and others, through plugins or API calls. This makes it easy to find sensitive information in variables without manually searching inside pipelines or CI/CD configured variables.