Concourse Labs and Stone Door Group (SDG) announce the release of Security as Code Ansible Accelerator, a DevSecOps solution that integrates Red Hat Ansible and Concourse Labs to enable IT teams to create and apply Security-as-Code policies to their Infrastructure as code (IaC) automation pipelines.
Many IT organizations find little synergy between automation and policy compliance tools. The automation system deploys and manages IaC while policy compliance tools scan hours, days, or weeks after the fact. This time gap increases both the attack surface and duration of systems in a compromised state, creating unthinkable security incidents, like ransomware attacks, for IT stakeholders. Recently, hackers have found ways to insert compromised code into the automation backplane itself and turn trusted systems into distribution networks for their malware.
The Security as Code Ansible Accelerator connects automation and policy compliance by deploying a secure automation reference architecture with best of breed Red Hat Ansible and Concourse Labs. “The solution prevents malicious Infrastructure as Code configurations from executing in automation pipelines and continuously monitors for policy violations in deployed infrastructure,” said J Ram, CISO and Co-Founder of Concourse Labs. “With this solution, clients can decrease the risk of a broad based multi system ransomware attack, increase the security of their software supply chain, and ensure in real time that infrastructure is compliant with security policies.”
“We’re excited to partner with Concourse Labs. Customers are very concerned about ransomware and they’re looking for more sophisticated security controls to apply to provisioning workflows,” said Darren Hoch, President Stone Door Group. “Concourse Labs’ Security as Code platform integrates seamlessly into Red Hat Ansible, preventing potential security incidents before they happen, making this a valuable bundle we can easily position with our customers.”
Security as Code Accelerator is a turnkey solution that provides the software, certified implementation services, and integration templates to integrate Security as Code into an automation backplane as part of a broader DevSecOs strategy, significantly reducing the attack surface for ransomware and providing IT stakeholders assurances that their systems remain compliant.
Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!