Data Sheet

TLS Protect Cloud: Secure DevOps

Posted on June 2, 2021

Shift Left into DevOps, Making Development Faster and More Secure

DevOps methodology is a movement that speeds development, increases collaboration with operations teams and delivers rapid innovation that serves as a competitive advantage to the organization. DevOps has promised—and delivered—faster time to market and continuous delivery. When failure happens, the method is to roll back and adjust. This emphasis on speed, failing fast and moving forward often leads to developers taking shortcuts. And shortcuts—at least when it comes to TLS certificates—can introduce vulnerabilities.

The most common shortcuts developer teams use include creating their own rogue certificate authority (CA) to issue certificates, using wildcard certificates outside of policy and using improperly signed certificates. It’s common for developers to believe that OpenSSL, self-signed certificates or certificates from cloud providers are “good enough” to achieve a secure connection.

The challenges are greater than they seem. Relying on certificate provisioning services from cloud providers can result in cloud lock-in and prevent the organization from running workloads across more than one cloud without rewriting the application for each provider. Lack of visibility over certificate inventories, and lack of proper governance over the way certificates are configured, can lead to failed compliance audits, a sign that the organization is vulnerable to potential security risks. Incomplete or improper management over where certificates are used often results in hard-to-diagnose outages caused by expired certificates.

TLS Protect Cloud makes it easy for developers to issue and install secure, policy-compliant TLS certificates using integrations with leading DevOps tools and third-party CAs.

Why use TLS Protect Cloud™?

Make DevOps Both Fast and Secure

Make it easy for developers to request and install certificates with built-in policy compliance. Security defines policy both for configurations and approved CAs for issuance, eliminating the concern for developers and keeping the organization compliant.

Integrations with Leading DevOps Tools

Support for SDK and ACME servers, open source libraries (VCert) used by the most popular DevOps frameworks, and leading open source tools with a well-documented API, providing flexibility to incorporate a common service for any application or CI/CD pipeline.

Regulatory and Policy Compliance

Improve policy compliance through reporting and enforcement, ensuring TLS security across the hybrid enterprise.

Central Control, Flexibility and Crypto-Agility

Security teams have a central point of control to quickly and easily change TLS certificate configuration and trusted CAs to adapt to changes without impacting application development teams or their applications.

Key Features

TLS Protect Cloud is a cloud-native platform that provides developers with a fast and easy API-driven interface to request certificates using integrations with a broad range of popular DevOps tools. Security teams can define approved third-party CAs and set configuration policies that are automatically applied, making it fast, easy and secure for developers. A centralized inventory of all certificates provides visibility and dashboard reporting to prevent expirations and monitor policy compliance.

  • DevOps Tooling Integrations
    • Prebuilt open source integrations scale certificate issuance as part of CI/CD pipelines and automated workflows.
  • Cloud Provider Integrations
    • Deploy certificates from leading CAs directly to Azure Key Vault and Azure web apps.
  • Define and Enforce Policies
    • Automate the enforcement of policies to control configuration and issuance from authorized CAs.
  • Certificate Lifecycle Automation
    • Automate certificate lifecycles for Kubernetes, OpenShift clusters and external-facing infrastructure such as load balancers and web servers.
  • API, VCert and SDK
    • REST APIs to perform certificate management actions, easily generate keys using VCert (open source libraries) and integrate tasks with VCert SDK written in Go, Java, Ruby or Python.
