Skip to content

Thycotic Secures Privileged Credentials in Kubernetes with Expanded Integration

Washington, D.C., July 14, 2020Thycotic, a provider of Privileged Access Management (PAM) solutions to more than 10,000 organizations, including 25 of the Fortune 100, today announced their expanded integration with Kubernetes (K8s), an open-source container management system, to manage privileged credentials within both Secret Server and DevOps Secrets Vault. This integration is designed to ensure security within the DevOps pipeline across customer networks through a full-featured PAM vault.

The current bulky workflow of DevOps environments can often expose security vulnerabilities related to privilege management. K8s is an open-source system for automating deployment, scaling, and management of containerized applications. The expanded integration builds on existing secrets features within K8s by providing a lightweight solution to manage privileged credentials from either Secret Server or DevOps Secrets Vault. Thycotic takes advantage of the K8s “mutating admission webhook” to patch secrets with data ingested from Secret Server or DevOps Secrets Vault without the overhead and complexities associated with sidecars.

For organizations with large DevOps deployments, having a single, integrated PAM solution allows for centralized control, consistent privilege policies, and comprehensive reporting. This empowers developers, engineers, and other IT teams to conduct their work securely and with a centralized, policy-based system. It also removes the widespread problem of the DevOps team's hard-coding application credentials into scripts and configuration files.

“With the significant increase in enterprise adoption of Kubernetes, security of these environments is paramount,” said Jai Dargan, Vice President of Product Management at Thycotic. “This integration allows us to meet users where they are, in terms of security, with PAM solutions that work. By demonstrating our commitment to customer needs through this integration, we can ensure they can securely manage an expanding attack surface, which includes DevOps systems and pipelines.”

DevOps Secrets Vault offers elastic scalability and is purpose-built to handle the high-speed secrets required of the most challenging DevOps environments. Within these environments, system authentication and authorization must happen automatically and instantly for applications, files, services, and data to share information and kick-off processes. DevOps Secrets Vault provides instant availability of secrets, SSH keys, certificates, API keys, and tokens.

Secret Server and DevOps Secrets Vault also integrate with other DevOps tools, such as Jenkins, HashiCorp Terraform, and Red Hat Ansible. Software development kits (SDKs) for programming languages including Java, Go, Python, and .NET are also available.

Thycotic partnered with the Migus Group to deliver these K8s and other key integrations and SDKs. With over twenty years of experience in security-focused software architecture and engineering, and over a decade of experience in digital identity and management consulting, the Migus Group helps plan and execute holistic, strategic roadmaps so that companies can offer simple, reliable integrations with third-party applications and platforms.