The Conjur OpenAPI is a language agnostic API description standard that allows for both human and machine users to investigate…
Using Conjur REST OpenAPI to Simplify Secure Software Development
Tag: CyberArk Conjur
Setting up Conjur on OpenShift
Red Hat OpenShift is a Kubernetes-based platform for container orchestration. OpenShift differentiates itself from Kubernetes through features such as tight…
Installing Conjur in an EKS Kubernetes Cluster Using Rancher
By default, Kubernetes uses Base64 encoding to store information such as application credentials, keys, and certificates. Unfortunately, this Base64 encoding…
Conjur Secrets Management in Knative Serverless Functions
Knative is the de facto standard for running serverless workloads in Kubernetes. But what do you do when your Knative…
Using CyberArk Conjur with Azure Serverless Functions and Managed Identities
Businesses need to provide flexible access to services that scale efficiently while always protecting customer data. Technologies like microservices and…
Low-Code Secrets Management For Beginners
In recent years, there is a trend toward so-called low-code and no-code platforms. While no-code platforms often appeal to businesses…
Technical Deep Dive: Centralized Secrets Management for Multi-cloud with Infrastructure as Code
In today’s world of cloud environments, deployments often use infrastructure as code (IaC). IaC deployments use a domain-specific language (DSL)…
Remove Secrets from your Codebase
With technology becoming a central part of our daily lives, we need to keep information safe from an equally rapidly…
Why Machine Identity is as Important as User Identity to Infrastructure Security
Cloud-native applications use resources available to them online, on a public cloud platform, or hosted on-premises. IT teams apply policies…
Three Steps to Avoiding the Secret Zero Trap
Most secrets management solutions rely on a master key or “secret zero” that can unlock other credentials. The problem is…
Managing Testing Secrets in Jenkins Pipelines
In the first and second articles of this series, we discussed managing the information needed to build and test applications….
Adding Conjur Secrets Management to Your Jenkins Pipeline
The first article in this series discussed the value of integrating Conjur with Jenkins. This article focuses on implementing Conjur…
Keeping Secrets Secure on Kubernetes
Handling secrets in cloud-native environments is a challenge for many organizations. Virtually any application requires some sort of secret, such…
Why You Need Secrets Management in Your Jenkins Pipeline
Jenkins is a versatile platform for implementing continuous integration and continuous delivery (CI/CD) processes to develop applications. Using plugins, Jenkins…
Kubernetes secrets management: Build secure apps faster without secrets
Kubernetes is a popular choice for microservices because it provides scalable, portable, efficient deployment and reduces most DevOps overhead. Generally,…
DevSecOps Tutorial: Secrets Management for Jenkins CI/CD Pipelines
Maintaining secrets in a secure way is an important — though often overlooked — aspect of security. DevOps security often…
Managing Secrets for Cloud Infrastructure Tools Like Terraform
Managing cloud infrastructure isn’t a simple task at the best of times. From initial provisioning and configuration to maintenance and…
Secrets Management Deployment Tips & Tricks
Conjur provides excellent policy and command examples. The Getting Started with Conjur guides and Conjur Documentation should be your first…
Using Java Spring Boot to Administrate Secrets Management Access Policies
Secrets Management Policy Management through Java Spring Boot and Conjur The primary task of a secrets management administrator is to…
Community Perspective: Managing Secrets for Puppet Automation
DevOps teams rely heavily on their CI/CD configuration tools to automate processes, accelerate delivery timelines and innovate at high velocity….
DevOps Security: Cloud Secrets Management, from Multi-Cloud to Cloud Agnostic Environments
Organizations are migrating and deploying new workloads in cloud environments much more rapidly than ever, instead of expanding traditional on-premises…
Learning Secrets Management With Hands-on Interactive Tutorials
Learning is fun, and the best way to learn is through hands-on exercises. That’s why Conjur provides some tutorials to…
Introducing the Conjur OpenAPI Description
The Conjur REST API is now available as an open-source OpenAPI definition. This effort creates new avenues for API exploration,…
Essentials to Securing Kubernetes Secrets with Secrets Management
Secret management is essential for ensuring an organization’s cybersecurity. In this era, when users share valuable information with service providers,…
How to Setup Serverless IAM Authenticator with AWS Lambda
Lambda functions are a great way to build a microservices application without the need to provision or manage servers. You…
How a Stateless Cloud Native Application can Access Vaulted Secrets with IAM Authentication
Building a secure AWS environment requires applying security principles and guidelines around the way credentials and sensitive information are shared…
Secrets Management RBAC Policy Example
Conjur controls access to secrets using role-based access control (RBAC). We cover this in detail in Policy Concepts, but, to…
Security Considerations for Data Stream Processing
In today’s day and age, it’s hard to overstate the importance of data. Every day organizations throughout the world build…
Secret Zero: Eliminating the Ultimate Secret
Centralized secrets management addresses important DevOps security attack vectors such as secret sprawl and security islands, but it could help introduce…
Security Automation: Best Practices for Secrets Management in a Configuration-as-Code Environment
Software and infrastructure architecture are quickly evolving into cloud environments. With this migration, Infrastructure as Code (IaC) is melding with…
Cloud Native IAM EKS Secrets Management for Kubernetes
Kubernetes is a great orchestration tool for your containerized applications and Amazon’s Elastic Kubernetes Service (EKS) provides an easy way…
Puppet Secrets Management: Key Conjur v3 Enhancements
After much hard work, our team is pleased to announce the release of our new v3 of CyberArk/Conjur Puppet module…
Leverage Secrets Management for Effective On-Call Support
In many ways, on-call duty and secrets management might seem to occupy pretty different parts of the IT universe. When…
Managing Secrets For Concourse CI Pipelines
One of the most important aspects of today’s cloud infrastructures is secrets management. There are many possible solutions, all of…
Secrets Management Overview For Developers & DevOps
Secrets management is a critical problem for developers, especially for teams adopting DevOps practices. Until recently, it was the IT…
Secrets Management Best Practices for Machines and Services to Get Secure Access
When we talk about Secrets Management and handling secrets, we ought to think about all the users of the system…
Developer’s Guide to Selecting a Secrets Management Solution
The role of the developer has changed a great deal in recent years. Application architectures now include microservices, distributed systems,…
How to Build Your Secrets Management REST API’s into Postman
Machine-to-machine communication is very important in today’s business-in-the-cloud. A lot of credentials and secrets are used and shared by non-human…
How to Scan GitHub Repositories for Secrets & Credentials with Open Source
Some GitHub repositories don’t just contain code – they contain passwords, API tokens, and credentials. The worst part? These are…
New & Improved Conjur Open Source Community
I would like to take a moment to talk about the exciting work our team has done to improve the…
Tutorial: Spin up Your Kubernetes-in-Docker Cluster and They Will Come
Online demos and tutorials are a great way to introduce Kubernetes-native applications to potential users and collaborators. Often, however, these…
Managing Secrets Successfully in a Cloud-Native World
We’re living in a cloud-native world, and the tools and strategies that worked in the pre-cloud era often no longer…
What is Secrets Sprawl & How to Avoid It with Secrets Management
Secrets sprawl, as the name suggests will grow out of control and become a tangled mess when it is not…
Tutorial: Sharing Credentials Across Multi-cloud with Centralized Secrets Management
As organizations of all cuts and sizes are migrating to the cloud, there is a need to risk-assess the outcomes…
An Introduction to Creating & Organizing Your First Public Key Store for Microservices With Secrets Management
Microservices are taking the world by storm, and the movement isn’t showing signs of slowing down any time soon. The…
Building a Comprehensive Monitoring Strategy That Includes Secrets Management
Over the past decade, software development and information technology operations have become more integrated, spawning a new approach, commonly called…
How to Give Developers Access Without Giving Away Too Much Control
When you are developing an application, there are some important things that should not fall into the hands of strangers….
The Sword in the Darkness, the Watcher on the Wall
If you are reading this, you probably got sucked into watching Game of Thrones when it first aired on HBO…
Managing and Understanding the Secrets of IoT
The Internet of Things, or IoT, is what allows us to take the power of computing beyond desktops, servers, and…
Loading Your Database Credentials at Runtime with Conjur
Back when I first became a programmer, it was a common practice to include database credentials right in the code…
Don’t Get Pwned by Secret Zero
The Secret Zero Problem I have talked to a number of security conscious professionals across a wide range of…
