Securing the Software Development Lifecycle with Zero Trust Architecture

 

It is common to find Security gaps related to user access and permissions in the software development lifecycle (SDLC) .  Most solutions focus their attention on user authentication and ignore permissions. They do not provide any visibility on user actions about access to code or deployment environments. Most solutions lack granular controls for contractor-related access to code and infrastructure. Unsecured access to CI/CD pipelines and software build processes poses key security risks to critical infrastructure. Securing the SDLC is paramount for an organization's business success, continuity and protection of their intellectual property. 

The latest release of Appaegis’ Access Fabric addresses these deficiencies in existing solutions.  

Appaegis Access Fabric New Capabilities:

  1. Secure access controls for Bitbucket through Native GIT clients
  2. Unity agent 1.2 with support for AWS Local Zone and GIT access controls
  3. Support for Microsoft ClickOnce applications 
  4. AWS Local Zone Support to improve performance for remote users' application access 

Secure Access Controls for Bitbucket through Native GIT clients  

We announced the launch of our Appaegis Unity Agent earlier this year. Appaegis Unity Agent 1.2 provides an easy to deploy integration with Bitbucket. This enables the organization to control access to actions that developers, DevOps or Software Release Engineers (SRE) perform on native GIT clients for infrastructure deployments.  

The Appaegis Unity Agent generates a unique SSH Key that can be then configured on the Bitbucket setting tag, enabling the agent to then route all GIT actions through the Appaegis Access Fabric. Granular policy and permission controls can then be applied for access to code infrastructure.

 

 

 

The native integrations with GIT, allows greater visibility into the software development process (SDLC) and CI/CD pipelines. This also helps identify and resolve any security gaps associated with access to an organization's intellectual property. Appaegis Unity Agent allows the controls to be applied to employees or contractors, with centralized policies for access and permissions granted. 

 

Support for Microsoft Click Once Applications

The ability for authorized Windows users to securely download files from office 365 for ClickOnce applications has been added. Controls for file download can be added through an access policy that can be monitored. Users need only to enable the “ClickOnce” setting in the Edge Browser. All the downloads are protected through the browser isolation functionality of the Appaegis Access Fabric 

 

AWS Local Zone Support to improve performance for remote users' application access 

Appaegis has launched support for AWS Local Zone deployments based on a customer home region. This helps improve remote user's performance for access to RDP, SSH applications and Kubernetes clusters.   

Built in redundancy has also been added via the Appaegis Access Fabric with Support for Default Global Zones. End users will now connect to their nearest local zone, thereby reducing network latency and improved performance for access to their applications. Support for AWS Local zones is added for agentless as well as for Appaegis Unity Agent users. 

 

Conclusion 

Appaegis Access Fabric enables organizations to enhance security around their software development lifecycle and close security gaps associated with access to critical company infrastructure and intellectual property.  

Appaegis Access Fabric helps implement a Zero- Trust Architecture for secure access to applications, enhance data security and secure the software development supply chain. 

Click here to set up a meeting with our security and DevOps experts to learn more about best practices in securing your software development lifecycle (SDLC).

Product Update 2022 2.0-2

 

Back to Blog

Related Articles

New Features in Appaegis Isolation Access Cloud (IAC)

  With the new year come new beginnings. Here is the first in our series of regular updates on new...

Enhanced Security & Compliance with Appaegis Access Fabric

 

SOC 2 Type II Certified

  Appaegis’s solutions were designed to solve the most complex remote access problems for our...