DEVOPS SECURITY BLOG

KubeCon + CloudNativeCon San Diego Wrap up

We are thankful to have been a part of the four Kubernetes community filled days – five, including the day…

Four Ways to Keep Kubernetes’ Secrets Secret

We have talked a lot about the speed at which DevOps innovation has moved and how security has consistently struggled…

Open Source: How to Eat Your Own Dog Food

We all want our Open Source projects to be clear and simple to contribute to and we may think that…

Stop Bashing Bash

Admit it, you still write bash. Maybe a lot of bash. We all think we can avoid it, but we…

Let’s Open up the Discussion

You are reading this on Conjur.org because you love DevOps, open source, Conjur, or maybe it’s the sound of my…

Managing Secrets in Red Hat Ansible Automation Playbooks

Ansible is an agentless management tool that can manage provisioning, configuration, and deployment of applications. RedHat acquired Ansible in 2015…

2019 DevOpsDays Boston Recap

This week we sent some of our team to DevOpsDays Boston. As usual, the real strength of the event were…

How to Give Developers Access Without Giving Away Too Much Control

When you are developing an application, there are some important things that should not fall into the hands of strangers….

Setting up SSH Key management for multiple servers with Conjur

The SSH or Secure Shell protocol has become the industry standard for logging into one computer from another. Engineers use…

Getting off The Jenkins Island

CyberArk was happy to be a part of Jenkins World, aka DevOps World, which took place this year in San…

This is a DevOps Dishwasher

This is an article about washing dishes. This is also an article about DevOps, but mostly it’s about washing dishes….

How To Secure Secrets Within Your Java Application With an Open Source Secrets Management SDK

Over the past decade, my career has evolved from Development to DevOps and most recently to DevSecOps. DevSecOps is the result of organizations…

The Sword in the Darkness, the Watcher on the Wall

If you are reading this, you probably got sucked into watching Game of Thrones when it first aired on HBO…

Top 3 Things to Avoid When Using Containers

When talking about increasing development velocity for your teams, containers are at the forefront of the conversation on the new…

Conjur Open Source is Going Secretless

The Application Developer Access Dilemma As application developers, we need secure access to resources – such as databases, SSH servers,…

Mitigating Risk in the Cloud with Authorization of Amazon Web Services Apps

In this article, we’re going to talk about the problems surrounding authorization for your AWS account. We’ll define what those…

CI/CD Servers Know All Your Plumbing Secrets

The DevOps culture shift and the move to continuous integration and deployment have required different tooling and utilities than previous…

KubeCon 2019: The Conference for the Sagrada Familia of Software

Introduction KubeCon is the premiere conference for the Kubernetes and cloud-native communities. Every year it is held jointly with CloudNativeCon,…

Trustless Security in Practice

It’s not an overstatement that in today’s world, it’s dangerous to expose software services to the public without robust security…

Open Source Software isn’t Really Free, but it’s the Future of Business

Before the dotcom bubble bust in the early 2000’s, “irrational exuberance” drove stock valuations for internet companies that offered free…

Using Conjur RBAC with Your Kubernetes Cluster

2015 wasn’t very long ago, but when we look at significant events in computing, that was the year that the…

Using Conjur with Terraform

What is Terraform? Terraform is a tool for managing infrastructure as code.  You define your architecture and software setup once,…

Managing and Understanding the Secrets of IoT

The Internet of Things, or IoT, is what allows us to take the power of computing beyond desktops, servers, and…

Loading Your Database Credentials at Runtime with Conjur

Back when I first became a programmer, it was a common practice to include database credentials right in the code…

Conjur Open Source Now Natively Integrates with Terraform

This integration allows Terraform users to leverage Conjur’s advanced non-human access control capabilities such as robust secrets management, tamper resistant...

Running a Kanban Standup Meeting

Scrum Standups: A Refresher Engineers working in teams that use Scrum should be familiar with the format of a daily...

Introducing KubiScan

Kubernetes permissions are built with role-based access controls (RBAC), which open up potential risks and need to be carefully controlled. ...

To Key or Not to Key: That is the Question

Over the past few years, whether you’re a developer, a system administrator, or a security professional, your world has changed a...

On Delivering Quality

I had the pleasure of recently eating dinner at Kitchen Market, a contemporary fusion restaurant in Tel Aviv’s port Namal....

CyberArk CNCF KubeCon 2018 Wrap up

I was really excited to attend the Cloud Native Computing Foundation’s (CNCF) KubeCon + CloudNativeCon Kubernetes conference in Seattle. I...

Special Cases Are a Code Smell

LA parking signs A Warning Sign Los Angeles is famous for its complicated parking signs: Sunny totems of rules and...

Security Islands

The last decade has been an exciting time for the tech industry, with the advent of collaborative business practices like...

Securing your day-to-day DevOps work in Ansible

Ansible is an excellent tool for automating procedures across multiple machines. To do this, it uses multiple SSH connections to…

Cleaning History for GitHub PRs

At CyberArk, code reviews are a part of daily life. Getting input from peers is essential to maintaining high code...

Syncing the Enterprise On-premises World of Security With DevOps

If your organization has been successful since before containers were a thing, then you probably already have a mix of...

Introducing the Secretless Broker Open Source Beta

CyberArk is incredibly pleased to announce the beta release of a new open source project, Secretless Broker. Secretless Broker makes...

“One-Click” K8s Authentication & Secrets Management on GCP

CyberArk Conjur Open Source is now available as a Kubernetes application in the Google Cloud Platform (GCP) Marketplace. The new...

Using Summon to Manage Secrets as You Move From Dev to Prod

I’ve recently been working with secrets.yml files that point to different secrets for different environments, and I wanted to share...

Don’t Get Pwned by Secret Zero

  The Secret Zero Problem I have talked to a number of security conscious professionals across a wide range of...

Building a Windows Installer from a Linux CI Pipeline

With the rise of Go, cross-compiling platform agnostic code has become more accessible than ever. Building a Windows binary of...

In Pursuit of Performance 

Fast software is satisfying to use, less costly to operate, and responds better to scale. Yet trying to improve the...

Should small software teams use Kubernetes?

Buzz about Kubernetes is everywhere, and plenty of large organizations have adopted it. But what about smaller organizations? Is the...

Why are so many companies getting hacked lately, and what can be done about it?

If you think you're hearing about a company getting hacked almost every day, that's because you're correct: there were over...

Making Ruby Yours

Pulling at a loose thread One day I noticed an inconsistency as I was joining together lists of words. Consider...

Breathe Easy with a Self-Healing Conjur Cluster 

  “The great thing about software and servers is they always work as expected.” – Said no one, ever When…

Docker Security

Containerization has taken the technology world by storm. Docker emerged as the de-facto leader in the base technology making it all possible. Because containerization necessitates consistency throughout your infrastructure, even...

How we architected the Conjur service to handle infinite traffic

Challenge Conjur is built to allow you to control access to your critical systems. This makes Conjur a critical security...

Kubernetes Authentication with Conjur

One of the biggest challenges in containerized environments like Kubernetes is the secure distribution of credentials and other secrets needed...

Microservices First

Martin Fowler’s popular article on microservices contains this advice: Going directly to a microservices architecture is risky, so consider building...

DevOps Security at Scale

This is the sixth and final blog post in a series discussing how high-performing DevOps teams build secure systems at scale….

Secure your Kubernetes-deployed applications with CyberArk Conjur

In the dynamic world of containers there are challenges around providing secrets needed for a containerized workflow without hurting the…

Every Free Software Community Needs a Code of Conduct

The Conjur team spends a lot of time thinking about security policies. We create them regularly for our own operations…

DevOps Security at Scale

This is the fifth blog post in a series discussing how high-performing DevOps teams build secure systems at scale. If…

Securing Puppet With Conjur

  Configuring servers by hand is a costly and error-prone endeavor that increases in difficulty as the number of servers…

Enhancing AWS Secrets Manager with Summon

  At their San Francisco Summit today, Amazon released AWS Secrets Manager. It’s a native AWS service that simplifies the...

Understanding Conjur Policy

  If this article is the first time you’re hearing about CyberArk Conjur, you’ll probably want to read some of…

Managing Secrets in DevOps: A Maturity Model

  How would you assess your team’s current cyber security level within your organization? If you’re like most, your team...

Securing Ansible SSH Keys

  Managing the SSH keys Ansible uses to connect to remote machines can be challenging. Placing keys on the Ansible…

DevOps Security at Scale

  This is the fourth blog post in a series discussing how high-performing DevOps teams build secure systems at scale….

Cloud Foundry Integration Available in GitHub

We are excited to announce the release of a new integration between Conjur and Cloud Foundry (CF). Cloud Foundry users...

Conjur Store’n’Fetch: 10 minutes to easy secrets management

  This is the first blog post in a series focusing on DevOps security workflows with Conjur. Check back for…

Simple Steps to Protect Your DevOps Tools From Crypto Miners

  What happened at Tesla? Tesla’s Amazon cloud accounts were breached recently by hackers who put the stolen servers to...

DevSecOps is an Abomination!

  Dr. Frankenstein’s monster is one of the most hated and misunderstood monsters of all time. Frankenstein brought his creation…

DevOps Security at Scale

  This is the third blog post in a series discussing how high-performing DevOps teams build secure systems at scale….

DevOps Security at Scale

  This is the second blog post in a series discussing how high-performing DevOps teams build secure systems at scale….

The Secure Task Runner

  Even if you’ve never heard of Jenkins, you might be benefiting from it already: many companies and open source...

DevOps Security at Scale

This is the first installment in a series of blog posts on this topic. Years have passed since the software…

Untangling Jenkins

  Our Jenkins cluster had become a paralyzing mass of jobs, executor dependencies, and general complexity, not what you want...

Introducing the Conjur DevOps Security Blog

We know it takes a lot to get a secure cloud automation project into production. Every day we are helping...