Download PDF
CloudPassage Enables Security for the Centrify DevOps Team with Vulnerability Assessment and Reporting, While Providing Compliance Reporting
Technology Category
- Application Infrastructure & Middleware - API Integration & Management
- Cybersecurity & Privacy - Cloud Security
- Cybersecurity & Privacy - Security Compliance
Applicable Industries
- Software
Applicable Functions
- Discrete Manufacturing
- Quality Assurance
Use Cases
- Cybersecurity
- Regulatory Compliance Monitoring
Services
- Cloud Planning, Design & Implementation Services
- Cybersecurity Services
The Challenge
Centrify, a company that delivers Zero Trust Security through the power of Next-Gen Access, needed to integrate security into their DevOps process. They wanted to evaluate vulnerability assessments before placing upgrades into production. Additionally, they needed to prepare for the Federal Risk and Authorization Management Program (FedRAMP) and the Service Organization Control (SOC 2) compliance audits. Centrify was searching for a product that could integrate into the organization’s CI/CD workflow – which includes the Jenkins and SaltStack toolsets – so assessments could take place prior to updates being pushed into production. They also needed a solution that provided detailed vulnerability management and reporting tools.
About The Customer
Centrify is a company that delivers Zero Trust Security through the power of Next-Gen Access. They verify every user, validate their devices, and limit the amount of access and privilege to resources while continually learning and adapting. Centrify's Next-Gen Access is the only industry-recognized solution that uniquely converges Identity-as-a Service (IDaaS), enterprise mobility management (EMM) and privileged access management (PAM.) The company serves over 5,000 worldwide organizations, including over half the Fortune 100. They are trusted by these businesses to proactively secure their operations.
The Solution
Centrify deployed CloudPassage Halo and employed Halo’s vulnerability management and reporting in order to prepare for the FedRAMP and Soc2 compliance audits. They integrated the Halo API into Jenkins and SaltStack, integrating Halo directly with their DevOps processing. Centrify immediately began employing all CloudPassage Halo modules including: software vulnerability assessment, configuration security monitoring, server account monitoring, file integrity monitoring, and log-based intrusion detection. The team used Halo’s API to integrate Halo with Jenkins and SaltStack, working with the CloudPassage customer success team to customize the Halo platform to their specific security policies. The lightweight Halo agent was chosen because it would not interrupt the processes that had been already established, but rather would integrate with and monitor his DevOps team’s CI/CD workflow.
Operational Impact
Quantitative Benefit
Related Case Studies.
Case Study
Factor-y S.r.l. – Establishes a cost-effective, security-rich development environment with SoftLayer technology
Factor-y S.r.l., a web portal developer, was faced with the challenge of migrating its development infrastructure to a reliable cloud services provider with highly responsive technical support. The company needed a solution that would not only provide a secure and reliable environment but also support its expansion by providing resources to create and deliver innovative offerings.
Case Study
Darwin Ecosystem: Accelerating discovery and insight through cutting-edge big data and cognitive technologies
Darwin Ecosystem was founded with a unique vision of harnessing chaos theory mathematics to uncover previously hidden connections in unstructured data. The company’s algorithms can look at all the data generated by any source (such as news, RSS feeds and Twitter), and analyze how a specific set of concepts within that data are evolving over time. This is particularly valuable in situations such as business and competitive intelligence, social research, brand monitoring, legal discovery, risk mitigation and even law enforcement. A common problem in these areas is that a regular web search will only turn up the all-time most popular answers to a given question – but what the expert researcher is actually interested in is the moment-tomoment evolution of the data available on that topic. Darwin’s algorithm is computationally intensive, and the sources of data it correlates can be vast. To bring its benefits to a larger commercial audience, Darwin needed to find a way to make it scale.
Case Study
Zend accelerates, simplifies PHP development
Zend Technologies, a major contributor to the PHP open source community, needed to keep pace with emerging trends such as mobility, agile development, application lifecycle management and continuous delivery. The company needed to provide the right tools to the worldwide community of PHP developers. The challenge was to support enterprise-class capabilities from end to end, including mobile, compliance and security. The pace of business required developers to show results fast across a variety of devices without compromising quality or security.
Case Study
Delivering modern data protection with cloud scale backup from Cobalt Iron and IBM
Organizations are struggling to modernize their legacy data protection environments in the face of growing demands around new infrastructure, new applications, and budget consolidation. Virtualization and modern application development processes have significantly outgrown legacy backup architectures. In response, infrastructure teams have created multiple backup solution types to handle the varying SLAs (performance, scale, cost) required by their business sponsors. However, the sheer number and variety of solutions in this uncontrolled expansion creates huge amounts of work, threatening to overwhelm the IT team in many organizations. Today, developers may add new applications and virtual server instances by the hundreds per day without accounting for the restrictions of the existing backup infrastructure. They leverage the cloud for immediate compute and storage resources, yet rarely communicate succinctly with corporate IT to ensure that the appropriate data protection services are in place.
Case Study
Achieving near limitless scalability and flexibility with data in the cloud
Web-based publishing platform SpaceCraft found that as its client base grew, it was spending an increasing amount of time managing its databases, distracting its focus from product innovation. As its user base rapidly expanded, data volumes at SpaceCraft began to rise dramatically. Along with their main focus on maintaining and further developing a great platform for web publishing, the SpaceCraft team had the added pressure of managing the increasing quantities of data while ensuring ongoing high performance for clients.
Case Study
nViso SA – Delivers emotion recognition solutions worldwide with a scalable SoftLayer hosting solution
nViso SA, a company that provides emotion recognition solutions, was in need of a high-performance cloud hosting infrastructure. The company wanted to extend its services to a global customer base. The challenge was to find a solution that could handle the demands of their growing customer base and the need for high performance and reliability.