News

DevOps specialist working wirh CyberArk Conjur
4 July 2024
Integrity Partners

CyberArk Conjur. Secure DevOps environment

The DevOps methodology has been gaining more and more followers, both among big corporations and small IT businesses. By combining strict collaboration of developers and administrators as well as through a wide use of work automation tools, it makes IT teams faster and more effective. However, it has its weak points which affect the security of the whole environment. CyberArk Conjur is a solution which can help. How does it work? Let us explain! 

The foundations of DevOps are communication, collaboration and integrations between developers and specialists in the operation of IT systems. This particular methodology accelerates the development of software, products and services. For such efficient collaboration to be possible, it is necessary to automate the IT environment as well as to use multiple tools and cloud-based resources. 
The DevOps methodology
Physical users and various kinds of tools are part of the process of creating software by following the DevOps methodology. Each day, IT environments use new microservices which communicate with one another as well as with users and administrators by means of special credentials called secrets. The entire authentication process in DevOps takes place automatically and remains outside the control of the security department. This means that unauthorised persons can sneak inside programming tools or hijack the administrator’s account and then infect the code, thereby infecting the entire IT system. 

In other words, though the DevOps methodology enables the implementation of multiple tools that optimise development, testing and deployment of new software, it fails to ensure adequate security of the whole IT environment. It results from, among other reasons, the lack of one location for managing credentials and privileged accounts as well as the inability to use rotation of passwords, keys and tokens, since multiple tools share the same data. 
CyberArk Conjur 
CyberArk Conjur is a solution to this problem. It was designed for managing security, credentials and access in DevOps environments. The tool supports the administration of secrets used by applications, microservices, Continuous Integration (CI) and Continuous Delivery (CD), APIs etc. It is an additional module – an extension of the standard Core Privileged Access Security module. 
CyberArk Conjur supports: 
– managing data secrets such as tokens, SSH keys, API keys, certificates
– the use of RBAC (role-based access control) mechanisms
– secure storage and management of secrets combined with the mechanism of automatic rotations based on configurable policies
– centralised audit for all events and operations, including report generation
– full integration with DevOps tools such as Ansible, Chef, Jenkins, and Puppet as well as containerization tools, e.g. Docker, OpenShift etc. 

How does CyberArk Conjur work? It dynamically collects credentials from a secure location (Vault) only when the given tool, application or system actually needs them. 

CyberArk’s solution can be easily integrated with the most common DevOps tools and platforms as well as with any systems used by enterprises. Thanks to this approach, organisations can implement and enforce predefined security models and practices. As a result, it enhances security without slowing down developers in their work. 

 

 

Data analysis and security - technology Imperva SONAR
3 June 2024
Integrity Partners

Imperva SONAR – a new dimension of data analysis and security

According to the IDC report (“Worldwide Global DataSphere Forecast”), the global amount of data will reach 180 zettabytes in 2025. This is mainly due to companies which generate new data faster than consumers do. Each year, information stored in the cloud increases by 36%. How to manage, secure, interpret and use dispersed company data for business operations? Various IT solutions can prove helpful. One of them is Imperva SONAR. 

A growing number of data results in new challenges for companies. They need to understand what happens to these resources, where they are stored, who has access to them and how they are used. 

The pandemic quickened the digital transformation by at least several years. Companies are now more willing to use the cloud and the mass storage on a much wider scale. Today data are practically everywhere: on company servers, in cloud-based services and in the hands of external companies. They can have different formats: they are structured, partly structured or raw. In many cases these are sensitive data which require special protection. 

The trick is to manage the data, but also to gain insights, draw conclusions and use the possibilities hidden in the data. Technologies can help. 
Understanding data 
The Database Activity Monitoring (DAM) systems have been on the market for years. They serve to monitor and analyse the activity in databases. 

The Imperva DAM solution which is included in our offer enables detection of locations in the company IT environment where confidential data are stored and determination of databases with gaps in safeguards. It assists in managing access and policies, it shows who has access to what data and informs about unusual user behaviours, alerting the administrator in case of any anomalies. 

But this is still not enough to protect data and use their potential. In the face of constantly expanding company infrastructure, it is important to know where the data are stored, it is important to monitor and alert, but what also matters is quick response and extensive automation. 

In order to address the current needs of many companies, Imperva launched the SONAR platform which provides a new set of features meeting the requirements with respect to protected databases, data collection, reporting, management and automation. Imperva SONAR can be seamlessly integrated with the existing Imperva DAM environment, reducing the total cost of ownership (TCO) and considerably increasing the capabilities of the environment. 
Imperva SONAR – full control from one location 
The new platform from Imperva is a solution designed for security departments, monitoring teams and SOC (Security Operations Centres). SONAR aggregates and segregates data from multiple sources in real time. They can be local sources, cloud-based sources, the existing Imperva Gateway devices, and third-party products (including competitors’ products). The platform provides one shared environment regardless of where the company are actually stored. SONAR works with more than 65 database types, including all top cloud providers such as AWS, Azure, Google Cloud, Snowflake and MongoDB Atlas. 

Data coming from these sources are displayed on one console with a clear layout. Thus SONAR allows to create a convenient command centre where all information is present on an ongoing basis. 

This really makes life easier for administrators. In the standard Imperva DAM solution, reports on database activity are generated at a specific time. They include only the information coming from the Imperva tools. Meanwhile, SONAR monitors and analyses all databases and the reports are generated in real time, so teams can work faster and respond to any anomalies immediately. 
Business benefits of Imperva SONAR 
The features of the SONAR platform improve the team’s performance and efficiency, which results in easily noticeable business benefits. 
Cost reduction 
Since SONAR combines the cloud and the on-premise environment, the company does not have to pay for two separate licences. As a result, the total cost of ownership (TCO) is reduced. 
More effective teams with Imperva SONAR
Imperva SONAR saves time, that is for sure. Since administrators have all data in one location, they do not have to spend their precious time switching between different source and comparing information. 
Work automation 
SONAR enables the automation of manual processes such as reporting deviations, reviewing privileges and reconciling change requests. Built-in work-flow mechanisms and contextual enrichment automatically organise multi-stage operations and direct actions, so all requests are handled without the administrator’s participation. This reduces the consumption of time and resources. 
Access to audit data in real time 
SONAR provides access to historical data in real time. Therefore, there is no need for separate archiving or audit data retrieving. The costs and the time of audits are consequently reduced. 
Enhanced security 
The improved control over data enables immediate detection of errors and threats as well as the implementation of remedial mechanisms. As a result, the security of the company and its key information resources is enhanced. 

The SONAR platform provides extended visibility of what happens to the company data as well as improved access to information, analyses and reports, all in real time and in one location. The work automation results in better team performance and it also saves both time and money. 

 

 

This website uses "cookies" in accordance with the PRIVACY POLICY. If you do not change your browser settings, you accept it. View more
Accept