Welcome!

Containers Expo Blog Authors: Liz McMillan, Pat Romanski, Elizabeth White, Yeshim Deniz, Zakia Bouachraoui

Related Topics: @DevOpsSummit, Linux Containers, Containers Expo Blog

@DevOpsSummit: Blog Post

Venafi Makes It Easy for DevOps to Run Secure | @DevOpsSummit @Venafi #DevOps #ContinuousTesting

Venafi delivers the power of automated, secure TLS key and certificate lifecycle management for DevOps

Venafi Makes It Fast and Easy for DevOps to Run Secure

Venafi has extended the power of its platform in an easy-to-use utility for DevOps teams available for immediate download. Now DevOps teams can eliminate the hassle of acquiring and installing TLS keys and certificates. Instead, customers can focus on speeding up continuous development and deployment, while security teams have complete visibility and can keep the DevOps environment secure and compliant to protect customer data. Extending the Venafi Trust Protection Platform requires only a single line of code and works out-of-the box with leading automation, orchestration, and containerization platforms including Puppet, Chef, Docker, Terraform, Saltstack, and Ancible - on premise and in the cloud.

Gartner predicts 75% of organizations will run with Fast IT teams by 2017. As an important part of this strategy, DevOps allows IT teams to move to a continuous testing and development environment. This strategy improves customer experience and delivers new features faster. However, while DevOps can deliver significant benefits it can create significant risk.

TLS keys and certificates determine what can and can't be trusted on the internet, enabling software to communicate privately and preventing man in the middle, spoofing, and other trust-based attacks. DevOps approaches like orchestration and containerization increase the demand for near instantaneous availability of trusted TLS keys and certificates by an order of magnitude or more. Many developers take shortcuts when obtaining or using TLS keys and certificates – like using weak cryptographic methods, unknown, self-signed or duplicate keys, or unapproved certificate authorities (CAs) with little to no validation and oversight from IT security.

All of this makes it easier for attackers to look trusted or hide inside encrypted traffic. And the sheer volume of untrusted and unprotected certificates makes an outage from expired certificates an inevitability.

"Venafi research shows that 79% of CIOs believe that DevOps makes it more difficult to know what is trusted or not because of the chaos brewing with the use of TLS keys and certificates," said Kevin Bocek, Vice President of Threat Intelligence and Security Strategy at Venafi. "Security teams need to keep DevOps safe with easy-to-use automation that eliminates complexity. Using TLS keys and certificates is a great example: While DevOps teams generate at least 10x or more TLS keys and certificates, they take shortcuts or make poor security decisions that create vulnerabilities and make it easy for bad guys to look trusted. And, the rapid, uncoordinated growth in encrypted traffic makes security controls blind to attacks."

Venafi automates the complete secure lifecycle of TLS keys and certificates. DevOps doesn't need to worry about the details of how to get, install, and use keys and certificates. IT security policies are enforced and there's complete visibility. Only trusted keys and certificates are issued and any anomalies are detected quickly. DevOps teams now have the speed they need while IT security maintains control of security and privacy.

"Finding a way to provide security-at-speed is vital if we are to unlock the promise of DevOps," continued Bocek. "Venafi is helping IT security teams make it fast and easy for DevOps to use TLS keys and certificates. Venafi's introduction of new utilities for DevOps expands the power of Venafi's Trust Protection Platform. This is one more reason why Venafi is the leader in protecting SSL/TLS, SSH, and enterprise mobility keys and certificates for the Global 5000. Venafi's patented and proven platform is trusted by the world's leading banks, retailers, insurers, and governments to protect the trust and privacy keys and certificates provide."

@ThingsExpo - The World's Largest 'Internet of Things' Event, November 1-3, 2016, at the Santa Clara Convention Center!

Secrets of Sponsors and ExhibitorsHere
Secrets of Cloud Expo SpeakersHere

All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades.

@CloudExpo / @ThingsExpo 2016 Silicon Valley
(November 1-3, 2016, Santa Clara Convention Center, CA)

@CloudExpo / @ThingsExpo 2017 New York
(June 6-8, 2017, Javits Center, Manhattan)

With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @CloudExpo | @ThingsExpo, November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be.

Register for @CloudExpo/@ThingsExpo 'FREE' Before Friday! Here

Track 1: Enterprise Cloud & Digital Transformation
Track 2: Microservices | Cloud Hot Topics
Track 3: Internet of Things & Cloud
Track 4: APIs & Cloud Security
Track 5: Big Data Analytics
Track 6: DevOps, Continuous Delivery & Containers
Track 7: Enterprise IoT & IIoT
Track 8: IoT Developer
Track 9: Consumer IoT | IoT Hot Topics

Delegates to Cloud Expo | @ThingsExpo will be able to attend 9 simultaneous, information-packed education tracks.

There are over 120 breakout sessions in all, with Keynotes, General Sessions, and Power Panels adding to three days of incredibly rich presentations and content.

Join @CloudExpo | @ThingsExpo conference chair Roger Strukhoff (@IoT2040), June 7-9, 2016 in New York City, for three days of intense 'Internet of Things' discussion and focus, including Big Data's indispensable role in IoT, Smart Grids and Industrial Internet of Things, Wearables and Consumer IoT, as well as (new) IoT's use in Vertical Markets.

About SYS-CON Media & Events
SYS-CON Media (www.sys-con.com) has since 1994 been connecting technology companies and customers through a comprehensive content stream - featuring over forty focused subject areas, from Cloud Computing to Web Security - interwoven with market-leading full-scale conferences produced by SYS-CON Events. The company's internationally recognized brands include among others Cloud Expo® (@CloudExpo), Big Data Expo® (@BigDataExpo), DevOps Summit (@DevOpsSummit), @ThingsExpo® (@ThingsExpo), Containers Expo (@ContainersExpo) and Microservices Expo (@MicroservicesE).

Cloud Expo®, Big Data Expo® and @ThingsExpo® are registered trademarks of Cloud Expo, Inc., a SYS-CON Events company.

More Stories By Elizabeth White

News Desk compiles and publishes breaking news stories, press releases and latest news articles as they happen.

IoT & Smart Cities Stories
Darktrace is the world's leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace's Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal' for all devices and users, updating its understa...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Apptio fuels digital business transformation. Technology leaders use Apptio's machine learning to analyze and plan their technology spend so they can invest in products that increase the speed of business and deliver innovation. With Apptio, they translate raw costs, utilization, and billing data into business-centric views that help their organization optimize spending, plan strategically, and drive digital strategy that funds growth of the business. Technology leaders can gather instant recomm...
OpsRamp is an enterprise IT operation platform provided by US-based OpsRamp, Inc. It provides SaaS services through support for increasingly complex cloud and hybrid computing environments from system operation to service management. The OpsRamp platform is a SaaS-based, multi-tenant solution that enables enterprise IT organizations and cloud service providers like JBS the flexibility and control they need to manage and monitor today's hybrid, multi-cloud infrastructure, applications, and wor...
The Master of Science in Artificial Intelligence (MSAI) provides a comprehensive framework of theory and practice in the emerging field of AI. The program delivers the foundational knowledge needed to explore both key contextual areas and complex technical applications of AI systems. Curriculum incorporates elements of data science, robotics, and machine learning-enabling you to pursue a holistic and interdisciplinary course of study while preparing for a position in AI research, operations, ...
After years of investments and acquisitions, CloudBlue was created with the goal of building the world's only hyperscale digital platform with an increasingly infinite ecosystem and proven go-to-market services. The result? An unmatched platform that helps customers streamline cloud operations, save time and money, and revolutionize their businesses overnight. Today, the platform operates in more than 45 countries and powers more than 200 of the world's largest cloud marketplaces, managing mo...
Trend Micro Incorporated, a global leader in cybersecurity solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centers, cloud workloads, networks, and endpoints. All our products work together to seamlessly share threat intelligence and provide a connected threat defense with centralized visibility and investigation, enabling better, faster protection. With more than 6,00...
Tapping into blockchain revolution early enough translates into a substantial business competitiveness advantage. Codete comprehensively develops custom, blockchain-based business solutions, founded on the most advanced cryptographic innovations, and striking a balance point between complexity of the technologies used in quickly-changing stack building, business impact, and cost-effectiveness. Codete researches and provides business consultancy in the field of single most thrilling innovative te...
Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the mod...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and simple way to introduce Machine Leaning to anyone and everyone. He solved a machine learning problem and demonstrated an easy way to be able to do machine learning without even coding. Raju Shreewastava is the founder of Big Data Trunk (www.BigDataTrunk.com), a Big Data Training and consulting firm with offices in the United States. He previously led the data warehouse/business intelligence and Bi...