CipherTrust Secrets Management Powered by Akeyless Vault


Explore Thales' CipherTrust secrets management solution for holistic data protection through encryption, access control, and centralized key management. Secure your data with automation, scalability, and DevSecOps integration.





Uploaded on Mar 06, 2024 | 4 Views


Presentation Transcript


  1. CipherTrust Secrets Management Powered by Akeyless Vault Thales on Tour 2023/12/05

  2. Thales Offers a Unified Approach to Data Security. DISCOVER: Discover data wherever it resides and classify it. PROTECT: Protect sensitive data with encryption or tokenization. CONTROL: Control access to the data and centralize key management and policies. THALES GROUP LIMITED DISTRIBUTION - SCOPE

  3. CipherTrust Data Security Platform CipherTrust Manager Key Management and Policies CipherTrust Connectors Encryption and Tokenization Key Secrets Management Discovery Management Discovery and Classification Ransomware Protection, Encryption and Access Control Database Protection Application Data Protection Secrets Management Tokenization Enterprise Multi Cloud KMIP

  4. CipherTrust Manager Centralizes Management Across the Connectors. CipherTrust Manager: Centrally manage keys and secrets; Enhanced auditing and reporting; Developer-friendly REST APIs; Role-based access; FIPS 140-2 certified; Multi-tenant.

  5. CipherTrust Data Security Platform use cases: Discovery & Classification; Multi Cloud Key Management; Data Protection; Enterprise Key Management; DevSecOps.

  6. Comprehensive Data Protection in One Tool

  7. Secrets Management for DevSecOps: Securing Secrets at Scale. CipherTrust Secrets Management*: Centralized management for all secret types; Easy to use for DevSecOps; SaaS (Software as a Service) scalability for hybrid and multi-cloud environments. Automate access to: Secrets, Credentials, Certificates, API keys, Tokens. Automate processes for: Creating, Storing, Rotating, Removing. *Powered by Akeyless Vault

  8. Machine-to-Machine Connectivity Requires Massive Use of Secrets. [Diagram: Application, Process, Script, Batch Job, Services connecting to VMs, Databases and Cloud Services using an Admin Password, DB Credential, Certificate, API Key, DB Password and SSH Key]

  9. Major Risk and Hassle: Massive Sprawl of Secrets (Source Code, Scripts, CI/CD, DevOps, Production). Operational Complexity - It's Chaos!: 74% don't know how many keys and certificates they have. Widespread Secrets Leaks: >100k GitHub repositories have leaked keys. Recent cases: Equifax, Mercedes, UN, LastPass. Mission-Critical: 61% of all breaches involve hacked credentials.

  10. What are Secrets? Types of Secrets Humans Static secrets Machines Dynamic secrets Virtual Machines SSH Keys Microservices Applications API Keys Containers Scripts Tokens

  11. Cloud: Massive Increase in Use of Secrets. Zero-Trust Access: Identity validation is a MUST. DevOps & Automation: Less manual-initiated processes. Containerization: Kubernetes, Docker, Microservices. Private, Hybrid, Multi Cloud: Multi-environments connectivity. Secrets shown: RSA Signing Key, Password, SSH Keys, Certificate, Token, TLS Certificate, API Keys, AES Encryption, SQL Credentials.

  12. Customer Challenge: Secrets sprawl. Before the cloud: Physical and virtual machines. Today: Containers and microservices. 62% of organizations do not know how many keys or certificates they have throughout their company. 42% Machines YoY Growth. 2021 Global CIO Survey Keyfactor. [Chart labels: Employees, Machines]

  13. DevOps Teams Facing the Overwhelming Phenomenon of Secrets Sprawl Where do they keep those Secrets? Application code Siloed secrets repositories Configuration files Infrastructure Automation tools scripts

  14. Danger of the Status Quo: Breaches from Leaked Credentials. Private repositories accessed through hacked auth tokens (April 2022); Supply chain attack started by hacked server password (December 2020); Customer data leaked through hacked unchanged access key for 3rd-party cloud (December 2022); Corporate data leaked through hack of 3rd-party standing privileges (December 2022); Malicious code published following code-signing certificate leak (February 2022); Customer accounts compromised by credential leak (September 2019).

  15. The Need to Invest in Secrets Management Access Management We have invested so much to secure human identities and access Identity Providers Multi-Factor Authentication Identity Management Privileged Access Management

  16. Gartner's View: Managed vs. Unmanaged Secrets. Unmanaged Secrets vs. Secrets Manager: Storing secrets in clear text vs. Vaulted and encrypted secrets; Not rotating secrets vs. Automated rotation; Not revoking secrets vs. TTL, lease time; Reusing secrets vs. Dynamic secrets; Unable to track secrets use vs. Full auditing; Rogue/unknown secrets vs. Ownership established.

  17. A Secure Vault for All Types of Secrets Reduce the potential for human error and consistently enforce security policies across your organization Secrets store Secure your credentials, certificates and keys Credential rotation Maintain compliance and security across your organization Secrets sharing Collaborate more securely and enable auditing with secure secrets sharing Enterprise-ready secrets management Centralized management for all secret types Easy to use, automated functionality for DevSecOps Secure Short-lived SSH Certificates Simplify management of SSH keys Just-in-time credentials Eliminate standing privileges with temporary access Kubernetes Secrets Automate, encrypt, and manage all your Kubernetes secrets Separation of duties to prevent breaches Enterprise scalability for hybrid and multi cloud environments

  18. Customer Business Drivers Mitigate risk Improve customer experience Decrease cost Improve operational efficiency Protect and control customer data without impacting the customer experience Reduce vulnerabilities Consolidate on a data security platform versus using point solutions Accelerate time to compliance

  19. Securing Secrets in Every Environment: Connectivity to third party tools and environments; Fits all environments: Hybrid & Multi-cloud; Exclusive ownership of secrets and secret access; Unified secrets management across teams and technologies.

  20. Customer Outcomes Centralized management for all Secret types Easy to use for DevOps Lower TCO The management of secrets including automatic rotation SSH, AWS, Azure, Database, Custom, LDAP, Docker and Manual Rotation. No hidden costs such as infrastructure, time, resources and support. Quick deployment and shorter learning curve with built-in integrations to a host of DevOps tools. SaaS model quickly scales across departments and regions. CipherTrust Manager provides one straightforward UI to manage all data protection features, providing for higher efficiency and compliance to data protection mandates, such as those relating to digital sovereignty. Log reporting UI and analytics. FIPS 140-2 Level 3 Root of Trust with HSMs.

  21. Technology Overview

  22. CipherTrust Secrets Management Deployment Customer Environment On-prem/Private cloud/VPC Public Cloud Secrets Encrypted secret blobs Root of Trust with HSM of choice FIPS 140-2 Level 3 Thales Cloud HSM Customer's applications and platforms Thales Luna HSM AWS IBM Azure Cloud HSM Cloud HSM Cloud HSM

  23. Distributed Fragment Cryptography (DFC)

  24. CipherTrust Secrets Management Deployment. Customer Environment: On-prem/Private cloud/VPC; Public Cloud. Secrets are stored encrypted in Akeyless backend; Unique fragments for each cloud site; CF generated with NIST recommended PRNG and stored on CipherTrust Manager; Secret Encryption/Decryption only possible on CM using DFC; HSM RoT for CM.

  25. Buyer Personas

  26. InfoSec Director/CISO. Their challenge: Manage security risk and compliance; Adoption of security solutions across org; Integrate into DevOps process -- keep everything working smoothly; Keep costs low; Support solutions with small team; Support compliance and regular audits. Our winning arguments: SaaS solution: Lower cost in resources - frees up security team; Fast deployment & low maintenance; Scales easily; High visibility for audits and centralized control across the organization; Multi-tenancy reduces bottlenecks for business units and teams; Multi-cloud and on-prem; Doesn't disrupt DevOps flow, working with standard DevOps tools: higher adoption; Supports a wide range of necessary security functionality, with automated rotation and dynamic secrets.

  27. DevOps Engineers. Their challenge: Rising pressure to innovate & develop faster; Not enough resources (people, time, infrastructure) to deliver on competing requests; Managing competing expectations: speed versus stability versus security; Unnecessary manual security requirements; Need to manage secrets across a wide variety of tools. Our winning arguments: Doesn't slow DevOps down - easily use your existing tools to inject secrets (Proof: our integrations page); SaaS for quick deployment and simple maintenance; SDKs and APIs for streamlined integration; Automated functionality for the development team, saving time: Automated secret injection, Rotated secrets, Integration with the CI/CD pipeline; Self-service and multi-tenancy for DevOps and other teams -- less need for Security resources, supports team independence.

  28. Thank you.
