Thales DevSecOps Solutions

Thales DevSecOps Solutions

Add data protection to your apps with developer-friendly tools

Data Protection at the Level You Need

Whether you have made the “shift-left” in your DevOps security or that’s yet a goal, you also need to keep security on the right. Data from both in-house and 3rd party applications benefit from Thales' data protection tools, regardless of the status or maturity of your implementation(s). Thales ensures the trustworthiness and integrity of software and containers in the cloud, on-premises, or in hybrid environments as well as traditional or cloud-native software architectures. We do this by helping implement security at every stage of the DevSecOps cycle and helping to harmonize developers, security architects and IT operations.

Data Protection for Devs/DevOps/DevSecOps

CipherTrust Platform Community Edition includes a free-forever version of CipherTrust Manager with licenses for two full enterprise-edition CipherTrust Connectors enabling DevSecOps teams to deploy data protection controls in minutes instead of weeks.

  • Rapidly secure, deploy and run cloud-native workloads across cloud service providers.
  • Transparently protect sensitive data in RESTful calls in legacy or cloud-native applications.
  • Establish strong safeguards around data stored in Kubernetes environments.
  • Centralize key management for all applications and encryption operations.
  • Click here to get started with no license fees!

Access standards-based Crypto Service Providers (CSPs) using Python, Java, Go, C, C#, REST and more. See examples in your preferred language SDKs in GitHub repositories for

Additionally, you can access data protection services through the Data Protection on Demand marketplace.

  • Luna Cloud HSM Services - Enables you to protect critical cryptographic keys and accelerate sensitive cryptographic operations for a wide range of security applications, across clouds, hybrid and on-premises environments.
  • CipherTrust Key Management Services - Generate, distribute, store, rotate, and revoke/destroy keys in Azure, Google and Salesforce to protect sensitive information.
  • Payment Services - Enables Point to Point encryption (P2PE), decryption, key management, and key distribution services.

Simplify integration and deployment with a wide variety of APIs, flexible deployment options and superior performance — you can quickly secure hundreds of applications with our out-of-the-box technology partner integrations.

 

Explore Thales DevSecOps Resources

Thales Docs

 

Home to all of your Thales product and service documentation needs.

CipherTrust Data Security Platform

Luna HSMs

Data Protection on Demand Services

 

Thales GitHub Repositories

 

Get access to sample code, APIs, and open source solutions.

github.com/thalesgroup

github.com/thalescpl-io

 

Additional Resources

White Papers and Briefs

Securing the DevOps Lifecycle with Continuous Trust - White Paper

Securing the DevOps Lifecycle with Continuous Trust - White Paper

DevOps is a set of practices and tools that enables teams to develop and deliver software applications faster and more reliably. DevOps, which blends the words “development” and “operations,” is a cultural movement that breaks down organizational barriers by bringing software...

Code Signing for DevOps with Keyfactor Code Assure - Solution Brief

Code Signing for DevOps with Keyfactor Code Assure - Solution Brief

Software developers and IoT manufacturers rely on code signing to protect end users and their company’s reputation. But the integrity of code signing hinges entirely on the security of your private keys. As attackers become more adept at compromising these keys to spread...

Simplifying DevOps Security with Thales, Venafi & HashiCorp - Solution Brief

Simplifying DevOps Security with Thales, Venafi & HashiCorp - Solution Brief

In today’s fast-paced business environment organizations must streamline software development as new applications and software updates are an everyday task. Enterprise-class code development has evolved on two fronts to handle this volume: Globally dispersed development teams;...

Videos

TalkingTrust Video: Thales and RedHat – Securing Containers and DevOps

TalkingTrust Video: Thales and RedHat – Securing Containers and DevOps

Containers and DevOps are being embraced as critical elements of enterprise digital transformation strategies, as this new paradigm provides development teams with an efficient way to build and deploy applications across hybrid cloud environments at scale. Red Hat and Thales have partnered to enable the benefits of DevSecOps to ensure code runs securely and data can be protected effectively. Thales and Red Hat discuss in this video how to enable a secure and scalable DevOps platform to deploy new services efficiently.

Webinars

The CipherTrust Data Security Platform for Developers: Offerings and Vision

The CipherTrust Data Security Platform for Developers: Offerings and Vision

Software developers don't need to be crypto experts, or source, use, and store in dangerous places poor-quality keys. With CipherTrust Application Data Protection, devops gets a solution for integrating data protection into applications with a secure key source and repository, and then sending those applications into production. In this session, Eric Wolff will provide a quick introduction to the application-level data protection tools in the CipherTrust Data Security Platform, followed by a live conversation between Marc Segiun and Eric about the Thales vision for app-layer data protection.

Presented by:
Marc Seguin, Director of Developer Solutions, Thales; Eric Wolff, Senior Product Marketing Manager, Thales

Protecting credentials, data, and secrets in a containerized DevOps environment

Protecting credentials, data, and secrets in a containerized DevOps environment

Industry leaders from CyberArk, Red Hat, and Thales will discuss how the strength of our portfolios come together to protect credentials, data, and secrets in modern containerized DevOps environments. Learn how the combination of Red Hat OpenShift Container Platform, CyberArk Conjur, CyberArk Privileged Access Manager, Thales CipherTrust Data Security Platform, and Thales Luna HSMs provide end-to-end encryption, secrets & key management for the DevOps community to build secure cloud-native applications.

Presented by:
Dave Meurer, Red Hat; Evan Litwak, CyberArk; Rohini Deepak, Senior Manager, Strategy, Thales

Blogs

How to use the Luna HSM and DPoD Luna Cloud HSM Client with node.js

How to use the Luna HSM and DPoD Luna Cloud HSM Client with node.js

Interfacing with the Luna HSM and the Luna Cloud HSM service provided by DPoD requires a package called PKCS11js. The file index.d.ts provides a complete Javascript/Typescript API definition. A discussion of the full API is not presented here, however, index.d.ts is maintained by the pkcs11js author(s) and thus one should refer to it for any deficiencies or incompleteness in the use of the API here.

Using a Hardware Security Module with Hyperledger Fabric 1.2 SDK for Node.js

Using a Hardware Security Module with Hyperledger Fabric 1.2 SDK for Node.js

Hyperledger Fabric implements a permissioned distributed ledger. Each user owns a private key and a public certificate (that includes a public key) that will be used every time that he/she will create a transaction on the blockchain network. Blockchain node peers will check them to determine if this identity is allowed to execute smartcontract code on them.