Opsera GitCustodian GA
August 3, 2022
GitCustodian scans source code repositories (e.g., Git) for vulnerable
data and alerts security and DevOps teams so that they can prevent
vulnerabilities from leaking into production. Once vulnerabilities are
found, GitCustodian automates the remediation process for any uncovered
secrets or other sensitive artifacts.
"Source code vulnerabilities have the potential to cost organizations
hundreds of millions or even billions of dollars a year due to breaches
from cyberattackers. This is where Opsera GitCustodian comes in," said
Gilbert Martin, VP of Customer Success and Solutions at Opsera. "It
scans and alerts security teams of vulnerable secrets lurking in source
code repositories before it's too late. These teams are now empowered to
proactively enforce secure software development lifecycle best practices
through orchestrated secrets governance, making source code
vulnerabilities a thing of the past."
The "as-a-Service" (e.g. Platform-as-a-Service,
Infrastructure-as-a-Service, Software-as-a-Service, etc.) trend is
growing, and along with it comes a movement towards "everything as
code." However, as code scales, complexity scales with it – especially
when it comes to security. Many Git users unknowingly keep sensitive
data (e.g. secrets, passwords, certificates, keys, etc.) in source code
repositories – if this data is pushed to production, it is at risk of
being exposed to cyberattackers. To protect this data, Opsera's
GitCustodian provides proactive visibility into source code
vulnerabilities and helps security and DevOps teams address them early
in the Continuous Integration/Continuous Delivery (CI/CD) process to
ensure sensitive data is not stored in or leaked into production. Teams
receive a centralized snapshot in minutes of any vulnerable secrets and
other sensitive artifacts at risk across version control systems.
"Stealing credentials and secrets out of source code and configuration
files is a common technique that attackers have used in many breaches,"
said Neil Daswani, co-author of Big Breaches: Cybersecurity Lessons For
Everyone. "GitCustodian can help identify and mitigate such risks across
your codebase as a part of automatically-generated and operationalized
CI/CD pipelines, which is one of Opsera's key strengths."
The key features and benefits of Opsera GitCustodian include:
Highly Accurate, Comprehensive Secrets Detection: Uncover a wide
array of secrets and other sensitive data in source code with detectors
based on multiple algorithms and industry-standard profiles.
Scan Existing Source Code Repositories: Get a centralized snapshot in
minutes of any vulnerable secrets and other sensitive artifacts at risk
across version control systems.
Add Proactive Secrets Governance into Existing CI/CD Workflows: Go from
detection to remediation to verification with integrated alerting and
trouble-ticketing for complete incident lifecycle management. Add
detection and governance gates to the software development pipeline to
catch secrets and other sensitive artifacts before they are released.
Securely Store Secrets and Keys: A built-in vault eliminates the
friction of following secrets management best practices.
Collaboration Enablement: Notify impacted teams to take immediate action
without changing how or where they work with flexible alerting via
email, Slack, Microsoft Teams, Jira and ServiceNow integrations.
Complete Insights and Analytics: Gain a complete picture of the health
and security of the entire lifecycle with actionable insights and
analysts also recognize the complexity of source code management and
enterprises' need for tools to help reduce risk. "The complexity of
modern applications brings with it multiple challenges around managing
dependencies and configuration information, security tokens,
username/passwords and other secrets," said Jon Collins, VP of Research
and Lead Analyst at GigaOM. "It is too much to expect developers to keep
on top of all the potential issues, such as inadvertently missing a .gitignore
file and publishing confidential information into Git. As well as CI/CD
automation, enterprises also need to adopt tools that can scan software
code and dependencies proactively, and also prevent the accidental
leakage of sensitive data."
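The release describes secrets detection "based on multiple algorithms and industry-standard profiles" and detection gates added to the CI/CD pipeline, but does not show what such a gate does. The following is an added illustration, not Opsera or GitCustodian code: a minimal scanner that combines three detector families (fixed patterns for credential formats with a documented prefix, a keyword check on assignments whose name suggests a credential, and a Shannon-entropy check for random-looking strings), reports findings with the secret value redacted, and returns a non-zero exit code so a pipeline stage can fail. The repository snapshot, every value in it, the `allow-secret` suppression marker, the entropy threshold and all function names are constructed assumptions for this example.

```python
"""Minimal secrets scanner of the kind a CI/CD gate runs before a release.

Added illustration, not Opsera/GitCustodian code. Three detector families are
combined: fixed patterns for well-known credential formats, a keyword check on
assignments such as PASSWORD=..., and a Shannon-entropy check for strings that
look random. All sample files and values below are constructed and fake.
"""
import math
import re
from dataclasses import dataclass

# Constructed "repository snapshot": path -> file contents. Every value is fake.
SAMPLE_FILES = {
    "config/settings.py": "DEBUG = True\nAWS_ACCESS_KEY_ID = 'AKIAEXAMPLEEXAMPLE12'\n",
    "deploy/.env": "DB_PASSWORD=hunter2\nAPI_TOKEN=3fA9kLq2ZpX7vR1mN8bT4cW6yH0sJ5dE\n",
    "src/app.py": "def main():\n    print('hello world')\n",
    # Hypothetical suppression convention for known-fake test fixtures.
    "tests/fixtures.py": "FAKE_TOKEN = 'zQ8wE2rT6yU1iO4pA7sD3fG9hJ5kL0xC'  # allow-secret\n",
}

# Pattern detectors: formats with a recognisable prefix (the "AKIA" prefix of
# AWS access key ids and PEM private-key headers are public conventions).
PATTERN_DETECTORS = {
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private-key-block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
}
# Keyword detector: an assignment whose variable name suggests a credential.
KEYWORD_ASSIGNMENT = re.compile(
    r"(?i)\b\w*(password|passwd|secret|token|api_?key)\w*\s*[=:]\s*['\"]?([^\s'\"]{4,})"
)
# Entropy detector: long runs of base64/hex-like characters that look random.
CANDIDATE_TOKEN = re.compile(r"[A-Za-z0-9+/_\-]{20,}")
ENTROPY_THRESHOLD = 4.0  # bits per character; an assumed value, tune per repository


@dataclass(frozen=True)
class Finding:
    path: str
    line_no: int
    detector: str
    redacted: str  # never put the full secret into logs, alerts or tickets


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character of s (0.0 for the empty string)."""
    if not s:
        return 0.0
    counts = {c: s.count(c) for c in set(s)}
    return -sum((n / len(s)) * math.log2(n / len(s)) for n in counts.values())


def redact(value: str) -> str:
    """Keep a short prefix so a developer can locate the value, hide the rest."""
    return value[:4] + "***" if len(value) > 4 else "***"


def scan_text(path: str, text: str) -> list[Finding]:
    """Run every detector over each line of one file; one Finding per detector hit."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        if "allow-secret" in line:  # explicit, code-reviewable suppression
            continue
        for name, pattern in PATTERN_DETECTORS.items():
            for m in pattern.finditer(line):
                findings.append(Finding(path, line_no, name, redact(m.group(0))))
        m = KEYWORD_ASSIGNMENT.search(line)
        if m:
            findings.append(Finding(path, line_no, "keyword-assignment", redact(m.group(2))))
        for m in CANDIDATE_TOKEN.finditer(line):
            if shannon_entropy(m.group(0)) >= ENTROPY_THRESHOLD:
                findings.append(Finding(path, line_no, "high-entropy-string", redact(m.group(0))))
    return findings


def scan_files(files: dict[str, str]) -> list[Finding]:
    return [f for path, text in files.items() for f in scan_text(path, text)]


def gate_exit_code(findings: list[Finding]) -> int:
    """CI gate semantics: a non-zero exit code fails the pipeline stage."""
    return 1 if findings else 0


if __name__ == "__main__":
    results = scan_files(SAMPLE_FILES)
    for f in results:
        print(f"{f.path}:{f.line_no} [{f.detector}] {f.redacted}")
    raise SystemExit(gate_exit_code(results))
```

On the constructed snapshot the gate reports the AWS key id by pattern, the `.env` password by keyword, and the `.env` API token twice (keyword and entropy), skips the fixture marked `allow-secret`, and exits non-zero. Two design points matter in practice: findings carry a redacted value only, so the alerting and ticketing path never becomes a second place the secret is stored; and the entropy threshold trades false positives (hashes, base64 blobs) against misses, so it should be tuned per repository rather than copied.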