Introducing CyberArk Conjur Open Source Secrets Management Solution

September 6, 2017 Elizabeth Lawler

“Don’t underestimate the power of your vision to change the world. Whether that world is your office, your community, an industry or a global movement, you need to have a core belief that what you contribute can fundamentally change the paradigm or way of thinking about problems.”–  Leroy Hood

Today, I am excited to announce the release of Conjur as open source!

For those following our story, it’s been about four months since Conjur was acquired by CyberArk, and it’s been a fantastic, high-speed ride!  Conjur has always been interested in making an open source contribution, and now with the backing, support and encouragement of our team at CyberArk, I am thrilled to unveil our open source project to the world.

Conjur has been working on novel approaches to DevOps security, based on identity management for machines for the last four years. We have worked closely with related open source tools and projects and with prominent adopters of DevOps both large and small.

Our next mission is clear – to advance machine identity and access management methods for next-generation, distributed software and IT architectures. The best way forward is to open source the Conjur platform and participate fully in the open-source community. Our community website and Slack channels are available to facilitate growth and discussion.

Don’t Compromise Security

Conjur is a free, open-source and easy-to-use solution to securely store and safely retrieve secrets in high-velocity and widely-scaled IT environments. With Conjur, DevOps practitioners can solve their secrets management challenges, for users and machines, through automation without stifling architectural and software design choices. Conjur is designed for DevOps practitioners, from application developers and DevOps engineers to architects and DIYers who simply love to code.

Conjur’s platform features include:

  • A foundational secrets management service for DevOps environments, a core security capability for any environment
  • An authentication, authorization and audit service for people, code and machines that runs independently of other DevOps platforms and tools to provide separation of concerns and duties and fine-grained access control
  • A suite of open source integrations with leading CI/CD tools based on an Experience-Driven Design (XDD) development process.
  • An architecture that is optimized for containerized environments
  • Flexible, programmable tool (Rest API, CLI)

This is just the beginning of the CyberArk Conjur journey.  The project also aims to grow into a forum to share and collaboratively discuss best practices for privileged account security and management in high-velocity and connected systems.  We hope this project will blossom into a hub for innovation in privilege management for people, code and machines.

I encourage you to visit the brand-new Conjur website at https://www.conjur.org where you can download the software or get a free cloud-hosted dev account. Stay tuned – we are just getting started.

Editor’s note: Conjur is part of the comprehensive CyberArk Privileged Account Security Solution, which helps organizations protect, monitor, detect, alert and respond to privileged account activity from mainframe to the cloud. To learn about Conjur Enterprise, please visit here.

 

Previous Article
Four Critical Steps for Securing API Keys in Your Organization’s Cloud Workloads
Four Critical Steps for Securing API Keys in Your Organization’s Cloud Workloads

Automation enables organizations to leverage the dynamic capabilities of the cloud. Today, enterprises are ...

Next Article
Privileged Access Management:  A Matrix Approach for Account Ranking and Prioritization
Privileged Access Management: A Matrix Approach for Account Ranking and Prioritization

Throughout the course of my six years in helping KPMG clients with their Privileged Access Management progr...