Improving cloud security practices for DevOps teams

Technology integration allows customers to securely leverage existing keys, secrets, tokens, and certificates into declarative CI/CD pipelines and ease the management of HashiCorp Vault infrastructure and security practices.

Opsera and HashiCorp partner with plans on improving cloud security practices for DevOps teams

Opsera, the Continuous Orchestration platform for DevOps, has announced its technology partnership with HashiCorp, a leader in multi-cloud infrastructure automation software. Opsera offers customers the choice to use a dedicated instance of Hashicorp Vault provisioned in their own data-plane or to “bring their own Vault” by connecting Opsera’s platform with existing HashiCorp Vault instances.

HashiCorp Vault provides the foundation for modern multi-cloud security. It is purpose-built in the cloud era to authenticate and access different clouds, systems, and endpoints, and centrally store, access, and deploy secrets (API keys, credentials, etc). It also provides a simple workflow to encrypt data in flight and at rest.

Opsera’s Continuous Orchestration platform for DevOps helps engineers provision or integrate CI/CD tools of choice from a common architectural framework and was designed with layered security measures to ensure peace of mind. Opsera architected its platform by separating a multi-tenant “control plane” SaaS infrastructure from all customer data by deploying customer-dedicated Virtual Private Clouds (VPCs) for each customer and keeping all tools, processes, data, configurations, observability, and secrets in a dedicated VPC.

HashiCorp Vault lets users secure, store and tightly control access to tokens, passwords, certificates, and encryption keys for protecting secrets and other sensitive data. Opsera’s SaaS platform can provision and scale a HashiCorp Vault instance on behalf of each customer. Customers can also integrate their own managed Vaults with Opsera to centrally manage keys, secrets, tokens, and certificates, as well as the policies and standards for their CI/CD pipelines.

Opsera’s platform can manage the lifecycle of the Vault infrastructure within a customer’s dedicated VPC providing several layers of separation and defense. This technology integration removes friction by creating a centralized and standardized secrets store to reduce the risk of a breach due to the secrets sprawl and streamline security operations. The result is unparalleled security tactics for secrets and private key material but allows the flexibility for approved end-users to access them through the tools and technologies they’re already using today.

“Security is a top priority and challenge for any company using SaaS, especially when entrusting an externally hosted platform with the keys to their mission-critical infrastructure. With the technology integration with HashiCorp Vault, we are pleased to offer customers choice and flexibility when it comes to protecting their secrets. This partnership helps our customers integrate the secrets seamlessly into their software delivery (CI/CD workflows, toolchain automation, and cloud services, etc.) and strengthens our ongoing mission to keep customers’ data as secure as possible,” said Kumar Chivukula, CTO and co-founder of Opsera.

“With the widespread usage of multi-cloud and CI/CD pipelines to deliver software, businesses need to store data in multiple locations simultaneously, presenting challenges in centrally managing and controlling access to secrets. With HashiCorp Vault, customers maintain full control of their secrets by using their own managed Vault instance to give role-based access to secrets spread across various cloud storage providers, data centers, while also keeping detailed access logs. Opsera, with its ‘bring your own Vault’ feature, makes it possible for customers to securely access private key material across all of the tools and CI/CD pipelines for software delivery,” says Asvin Ramesh, Director, Technology Partners at HashiCorp.