Opsera Secures Salesforce Devops Pipelines with HashiCorp Integration
Opsera, an independent software vendor based in San Francisco, today announced a technology partnership with HashiCorp, a leader in cloud native devops also based in San Francisco. Starting immediately, Opsera users may use HashiCorp Vault to automatically secure usernames and passwords, API keys, and environment variables used in Salesforce devops pipelines. Kumar Chivukula, CTO and co-founder of Opsera said in a press release “This partnership helps our customers integrate the secrets seamlessly into their software delivery (CI/CD workflows, tool chain automation and cloud services etc.) and strengthens our ongoing mission to keep customers’ data as secure as possible.”
Deal Strengthens Salesforce Devops Security
Salesforce devops pipeline needs usernames and passwords to connect to an off-platform service. But, without careful standards and best practices, generating, managing, and using pipeline credentials can expose those credentials to threat actors.
HashiCorp Vault is a secrets management platform that addresses this issue by providing functionality including disposable secret generation and management. This type of service comes in handy when secrets are compromised, and an immediate change is required.
Secret management hit the headlines earlier this year the CodeCov hack allowed threat actors to collect secrets and environment variables. To fully recover, impacted organizations had to reset all their devops-related secrets. A CodeCov-compromised site could use HashiCorp Vault to help remediate this type of incident.
Fits Opsera’s Strategy
Opsera aims to be an application-independent devops platform, and they also have the tooling to integrate Salesforce release management activities into cloud native devops pipelines.
The company said there is no additional charge to use the HashiCorp Vault technology integration. Opsera requires users to sign up for HashiCorp Vault separately, according to this blog post.
The integration works by first attaching a Vault instance to an Opsera virtual network. It then lets Opsera’s online service automatically manage and secure stored credentials to other online services.
Having personally used HashiCorp Vault in cloud native environments, gaining a low-code way to automatically exploit its features is an innovative and welcome development for Opsera.
Salesforce Pipelines Need Better Security
HashiCorp Vault addresses a common problem in cloud native computing. It solves an essential problem in cloud native devops which is to manage authentication keys between microservices and service meshes. It is also a good example of a standard practice in the cloud native world which is absent from Salesforce devops. This is because secret management is less demanding in Salesforce, allowing developers to get away with slack management methods.
To fill in this empty space in Salesforce software supply chain security, IT leaders should ask more about secret management and API security when delivering new enterprise apps. Devops program managers should also add external credential management to their cybersecurity checklists. With this announcement, Opsera now addresses these common cybersecurity flaws in Salesforce devops pipelines with their new HashiCorp Vault integration.