Continuous Security
Mitigate risks while frequently deploying software into production through integrating security best practices into all stages of deployment. Secure release pipelines, manage user authentication and role based authorization, and ensure built-in protection across multiple teams, point tools, and infrastructure through hardened Spinnaker.
Integrated Secrets Management
No one has the keys to the kingdom
Benefit: Improved security over Spinnaker configuration files
Keep Spinnaker configuration files in source control while protecting secrets with a 3rd party secret store- HashiCorp Vault, AWS KMS/ Key Store, or Azure Key Vault.
Industry Standard Authentication
Restrict Access using OAuth, SAML, LDAP, X.509, Github teams.
Benefit: Controlled access and restrictions
Restrict access to pipelines, projects and accounts by hooking into the authentication systems that you are already using, such as OAuth, SAML, LDAP, X.509 certs, Google groups, Azure groups, or GitHub teams.
RBAC
They Can, She Can, He Can’t
Benefit: Granular role based permissions to users
Manage the accessibility of resources and support privilege escalations for authorized access of users and groups through fine-grained control.
Hardened and Certified Spinnaker with Secure APIs
Secure communication for all - Fiat, Front, Cloud Driver and more
Benefit: Highly secured internal microservices communication
Leverage secured internal service-to-service communication between the Spinnaker microservices and reduce risks.
Use enterprise-ready Spinnaker that is stable and supported through Redhat Openshift Certified Operator and the Redhat Certified Containers, and receives frequent feature and security updates.
Integration with SAST, DAST and other security tools
Gain Peace of Mind with your Pipelines
Benefit: Mitigation of risks associated with production
Gain comprehensive risk visibility and control over your CD pipeline through integration with logs, metrics and APM tools as well as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA). Ensure readiness of Software Delivery.
