The bots are here…and they can code! AI tools like ChatGPT from OpenAI have burst onto the market and have…
ChatGPT Is Here: How to Use AI to Write Code and Best Practices for Security
Tag: DevOps
KubeCon 2023: Identity + Security = A Whole New World
Sold. Out. For the first time ever, KubeCon Europe 2023 was sold out (in a venue that can hold about…
The Sword in the Darkness, the Watcher on the Wall
If you are reading this, you probably got sucked into watching Game of Thrones when it first aired on HBO…
Security Automation with Red Hat Ansible Tower Introduction
No matter their occupation, nobody likes to do the same set of tasks repetitively — especially when automation is an…
Tutorial: Kubernetes Vulnerability Scanning & Testing With Open Source
Mainstream technology enterprises widely use Kubernetes. It’s an extendable, lightweight, open-source container orchestration platform. This popular platform has an ever-expanding…
DevOps Security: Cloud Secrets Management, from Multi-Cloud to Cloud Agnostic Environments
Organizations are migrating and deploying new workloads in cloud environments much more rapidly than ever, instead of expanding traditional on-premises…
Secrets Management RBAC Policy Example
Conjur controls access to secrets using role-based access control (RBAC). We cover this in detail in Policy Concepts, but, to…
Behind the Curtain of Conjur Open Source Suite (OSS) Releases
Since our first release of the Conjur Open Source Suite (OSS) aimed at helping development teams make the most of our secrets management…
Security Automation: Best Practices for Secrets Management in a Configuration-as-Code Environment
Software and infrastructure architecture are quickly evolving into cloud environments. With this migration, Infrastructure as Code (IaC) is melding with…
Application Security: Best Practices for Secrets Management to Protect Applications
Application Security Overview Good application security (AppSec) prevents unauthorized access and modifications to apps by controlling access to sensitive information…
Security Automation: How Secrets Management Supports Test Automation
One concept that doesn’t always come to mind when we think of automated application testing is secrets management. That being…
Leverage Secrets Management for Effective On-Call Support
In many ways, on-call duty and secrets management might seem to occupy pretty different parts of the IT universe. When…
Understanding Secrets Management, OAuth, and Single Sign-On (SSO)
Once upon a time, access management was a simple thing. It focused mostly on making sure that the right users…
Managing Secrets For Concourse CI Pipelines
One of the most important aspects of today’s cloud infrastructures is secrets management. There are many possible solutions, all of…
Secrets Management Overview For Developers & DevOps
Secrets management is a critical problem for developers, especially for teams adopting DevOps practices. Until recently, it was the IT…
All the World’s A Stage, and We Are Merely Software Engineers
Lessons from the Stage Software Development isn’t all drama, but I learned a lot from my time volunteering with various…
How to Build Your Secrets Management REST API’s into Postman
Machine-to-machine communication is very important in today’s business-in-the-cloud. A lot of credentials and secrets are used and shared by non-human…
Improving logs in bash scripts
Who knew that you could reasonably split logs in bash scripts without sacrificing the UX? I certainly didn’t! At least…
Security Challenges Around Chaos Engineering
Chaos engineering, which aims to make software-based systems as resilient as possible in the face of unexpected error conditions, is…
Managing Secrets Successfully in a Cloud-Native World
We’re living in a cloud-native world, and the tools and strategies that worked in the pre-cloud era often no longer…
Tutorial: Sharing Credentials Across Multi-cloud with Centralized Secrets Management
As organizations of all cuts and sizes are migrating to the cloud, there is a need to risk-assess the outcomes…
Tutorial: How I Secured Third-party Mongo API Secrets in My Node.js App Across the Cloud
Developing modern web applications in the cloud nowadays is more streamlined than ever. This is true because many external vendors…
An Introduction to Creating & Organizing Your First Public Key Store for Microservices With Secrets Management
Microservices are taking the world by storm, and the movement isn’t showing signs of slowing down any time soon. The…
Building a Comprehensive Monitoring Strategy That Includes Secrets Management
Over the past decade, software development and information technology operations have become more integrated, spawning a new approach, commonly called…
Four Ways to Keep Kubernetes’ Secrets Secret
We have talked a lot about the speed at which DevOps innovation has moved and how security has consistently struggled…
2019 DevOpsDays Boston Recap
This week we sent some of our team to DevOpsDays Boston. As usual, the real strength of the event were…
Setting up SSH Key management for multiple servers with Conjur
The SSH or Secure Shell protocol has become the industry standard for logging into one computer from another. Engineers use…
Mitigating Risk in the Cloud with Authorization of Amazon Web Services Apps
In this article, we’re going to talk about the problems surrounding authorization for your AWS account. We’ll define what those…
CI/CD Servers Know All Your Plumbing Secrets
The DevOps culture shift and the move to continuous integration and deployment have required different tooling and utilities than previous…
Managing and Understanding the Secrets of IoT
The Internet of Things, or IoT, is what allows us to take the power of computing beyond desktops, servers, and…
Loading Your Database Credentials at Runtime with Conjur
Back when I first became a programmer, it was a common practice to include database credentials right in the code…
CyberArk CNCF KubeCon 2018 Wrap up
I was really excited to attend the Cloud Native Computing Foundation’s (CNCF) KubeCon + CloudNativeCon Kubernetes conference in Seattle. I…
Introducing the Secretless Broker Open Source Beta
CyberArk is incredibly pleased to announce the beta release of a new open source project, Secretless Broker. Secretless Broker makes…
Don’t Get Pwned by Secret Zero
The Secret Zero Problem I have talked to a number of security conscious professionals across a wide range of…