Fidelis Security Case Studies CloudPassage Enables Security for the Centrify DevOps Team with Vulnerability Assessment and Reporting, While Providing Compliance Reporting

Edit This Case Study Record

	CloudPassage Enables Security for the Centrify DevOps Team with Vulnerability Assessment and Reporting, While Providing Compliance Reporting Fidelis Security

CloudPassage Enables Security for the Centrify DevOps Team with Vulnerability Assessment and Reporting, While Providing Compliance Reporting

Fidelis Security

Technology Category	Application Infrastructure & Middleware - API Integration & Management Cybersecurity & Privacy - Cloud Security Cybersecurity & Privacy - Security Compliance
Applicable Industries	Software
Applicable Functions	Discrete Manufacturing Quality Assurance
Use Cases	Cybersecurity Regulatory Compliance Monitoring
Services	Cloud Planning, Design & Implementation Services Cybersecurity Services
Challenge	Centrify, a company that delivers Zero Trust Security through the power of Next-Gen Access, needed to integrate security into their DevOps process. They wanted to evaluate vulnerability assessments before placing upgrades into production. Additionally, they needed to prepare for the Federal Risk and Authorization Management Program (FedRAMP) and the Service Organization Control (SOC 2) compliance audits. Centrify was searching for a product that could integrate into the organization’s CI/CD workflow – which includes the Jenkins and SaltStack toolsets – so assessments could take place prior to updates being pushed into production. They also needed a solution that provided detailed vulnerability management and reporting tools. Read More
About Customer	Centrify is a company that delivers Zero Trust Security through the power of Next-Gen Access. They verify every user, validate their devices, and limit the amount of access and privilege to resources while continually learning and adapting. Centrify's Next-Gen Access is the only industry-recognized solution that uniquely converges Identity-as-a Service (IDaaS), enterprise mobility management (EMM) and privileged access management (PAM.) The company serves over 5,000 worldwide organizations, including over half the Fortune 100. They are trusted by these businesses to proactively secure their operations. Read More
Solution	Centrify deployed CloudPassage Halo and employed Halo’s vulnerability management and reporting in order to prepare for the FedRAMP and Soc2 compliance audits. They integrated the Halo API into Jenkins and SaltStack, integrating Halo directly with their DevOps processing. Centrify immediately began employing all CloudPassage Halo modules including: software vulnerability assessment, configuration security monitoring, server account monitoring, file integrity monitoring, and log-based intrusion detection. The team used Halo’s API to integrate Halo with Jenkins and SaltStack, working with the CloudPassage customer success team to customize the Halo platform to their specific security policies. The lightweight Halo agent was chosen because it would not interrupt the processes that had been already established, but rather would integrate with and monitor his DevOps team’s CI/CD workflow. Read More Log in to view content
Contents

Technology Category

Application Infrastructure & Middleware - API Integration & Management

Cybersecurity & Privacy - Cloud Security

Cybersecurity & Privacy - Security Compliance

Applicable Industries

Software

Applicable Functions

Discrete Manufacturing

Quality Assurance

Use Cases

Cybersecurity

Regulatory Compliance Monitoring

Services

Cloud Planning, Design & Implementation Services

Cybersecurity Services

Challenge

Centrify, a company that delivers Zero Trust Security through the power of Next-Gen Access, needed to integrate security into their DevOps process. They wanted to evaluate vulnerability assessments before placing upgrades into production. Additionally, they needed to prepare for the Federal Risk and Authorization Management Program (FedRAMP) and the Service Organization Control (SOC 2) compliance audits. Centrify was searching for a product that could integrate into the organization’s CI/CD workflow – which includes the Jenkins and SaltStack toolsets – so assessments could take place prior to updates being pushed into production. They also needed a solution that provided detailed vulnerability management and reporting tools.

About Customer

Centrify is a company that delivers Zero Trust Security through the power of Next-Gen Access. They verify every user, validate their devices, and limit the amount of access and privilege to resources while continually learning and adapting. Centrify's Next-Gen Access is the only industry-recognized solution that uniquely converges Identity-as-a Service (IDaaS), enterprise mobility management (EMM) and privileged access management (PAM.) The company serves over 5,000 worldwide organizations, including over half the Fortune 100. They are trusted by these businesses to proactively secure their operations.

Solution

Centrify deployed CloudPassage Halo and employed Halo’s vulnerability management and reporting in order to prepare for the FedRAMP and Soc2 compliance audits. They integrated the Halo API into Jenkins and SaltStack, integrating Halo directly with their DevOps processing. Centrify immediately began employing all CloudPassage Halo modules including: software vulnerability assessment, configuration security monitoring, server account monitoring, file integrity monitoring, and log-based intrusion detection. The team used Halo’s API to integrate Halo with Jenkins and SaltStack, working with the CloudPassage customer success team to customize the Halo platform to their specific security policies. The lightweight Halo agent was chosen because it would not interrupt the processes that had been already established, but rather would integrate with and monitor his DevOps team’s CI/CD workflow.

Impact #1	Security has been integrated into Centrify’s CI/CD pipeline.
Impact #2	Centrify has full visibility into all workloads and is able to ensure that their work is within compliance, well before any audits take place.
Impact #3	The CloudPassage Halo platform has been customized in order to prepare Centrify for the FedRAMP and SOC 2 compliance audits.

Impact #1

Security has been integrated into Centrify’s CI/CD pipeline.

Impact #2

Centrify has full visibility into all workloads and is able to ensure that their work is within compliance, well before any audits take place.

Impact #3

The CloudPassage Halo platform has been customized in order to prepare Centrify for the FedRAMP and SOC 2 compliance audits.

Benefit #1	Centrify is currently deploying CloudPassage Halo across hundreds of workloads.

Benefit #1

Centrify is currently deploying CloudPassage Halo across hundreds of workloads.

Download PDF Version

Overview

CloudPassage Enables Security for the Centrify DevOps Team with Vulnerability Assessment and Reporting, While Providing Compliance Reporting

Operational Impact

Quantitative Benefit