CyberArk Secrets Hub is a brand-new Software-as-a-Service (SaaS) solution from CyberArk, the world leader in identity security. Secrets Hub streamlines the process for developers working in hybrid environments to access secrets on Amazon Web Services (AWS) through AWS Secrets Manager. At the same time, security managers maintain centralized control and the capacity to enact uniform policies over secrets using current procedures and infrastructure.
Kurt Sand, general manager, DevSecOps at CyberArk said, “As customers evolve to hybrid architectures and build applications on AWS, their developers rely on AWS Secrets Manager to simplify development and operations. However, preserving developer experience can cause conflict with centralized security goals. Secrets Hub solves this problem by allowing CyberArk customers to centrally manage and rotate the secrets used by developers using AWS Secrets Manager – delivering a cloud-native experience without any changes in their workflow. This allows security administrators to continue to create, rotate and monitor secrets through the familiar CyberArk interface across environments and developers to continue to take advantage of AWS Secrets Manager. It’s a win-win for everyone.”
In order to provide efficient secret management in hybrid environments, Secrets Hub, a component of the CyberArk Identity Security Platform, was developed in collaboration with the AWS Secrets Manager team. CyberArk Secrets Hub operates by automatically replicating CyberArk-managed secrets to AWS Secrets Manager (for use on AWS). This enables users to set up Secrets Hub permissions on the relevant AWS account, create a synchronization policy by choosing what to sync and what target to sync, create a synchronization policy by selecting what to sync, and access the synchronized secrets using AWS. This allows users to centrally manage secrets across multiple AWS accounts and hybrid environments while assisting in ensuring data segregation.
Security experts can centrally manage and enforce a single policy and standard throughout the entire enterprise, including mixed environments, without altering compliance and audit procedures. The CyberArk Identity Security Platform, created for the dynamic enterprise, enables secure access for any identity, whether human or automated, to any resource or environment from any location using any device.