Manage Passwords at DevOps Speed

Centrally manage passwords used to access applications and services without causing friction in the development process

Cloud password vault that operates at DevOps speed and scale

Replace risky password practices with secure API calls for automated secret creation, archiving, and retrieval.

See how DevOps Secrets Vault helps you protect privileges and reduce secret sprawl across your cloud attack surface:

  • Establish a Secure DevOps Vault – Store privileged credentials in an encrypted, centralized SaaS-based vault in minutes rather than hours.
  • Centralize Secrets – Eliminate disparate vault instances with a platform-agnostic solution that enforces secure secrets access and provides complete auditing.
  • Automate and Scale – Choose your automated interface (CLI and API) built for the speed and scale of DevOps pipelines and RPA deployments and tools.
  • Manage Secrets for IaaS – Remove standing access to critical infrastructure with dynamic secrets for AWS, Azure, and Google Cloud Platform.
  • Issue Certificates – Import a root or intermediate certificate and automate the issuance (signing) of leaf certificates.

Dynamic secrets management, delivered as a service

Cloud-native architecture

Rapid deployment and elastic scalability that static, IP-based PAM solutions can’t provide.

SAAS model

No management burden or expense of on-premises infrastructure or software.

Enterprise-wide PAM

Centralized, auditable secrets management and shared visibility among security and development teams.

Key Features

Protect the secrets DevOps teams and RPA tools need to access applications, services, and IT resources with:

  • Advanced automation – Command-line interface (CLI) and REST API
  • Infinite scalability – No need to add servers
  • High availability – 99.999% availability
  • Disaster recovery – Hot standby for rapid switchover
  • Local caching – High-performance workload handling
  • Cloud authentication – Supports AWS, Azure, GCP, and Thycotic One
  • Dynamic secrets – AWS, Azure and GCP
  • Secret Zero – Creation of a one-time-use URL for initial access to DSV.
  • Integrations
    • Secret Server Integration: Create secrets in DevOps Secrets Vault and sync updates to Thycotic’s flagship PAM solution for central management, including secret rotation.
    • SIEM Integration: Logs pushed in near real-time to a SIEM endpoint, including Syslog, CEF, and JSON log formatting.
  • Languages/tool support
    • DevOps tools: Jenkins, Kubernetes, Terraform, Ansible, Chef, Puppet
    • RPA tools: UiPath Orchestrator and Robots
    • Languages: Java, Go, Python, Ruby and .NET
  • Certificate issuance – X.509 leaf certificates issued from root or intermediate certificate
  • SSH Keys and Certificates – Automated and ephemeral SSH authentication.
  • Home Vault – Every user gets their own space for secrets; even admins don’t have access by default.
  • Sandbox tenant available – Test before deploying to production
  • Compliance – SOC 2 Certification

Attack surface hardened through DevOps privileged access control

Download the datasheet for a full list of features for DevOps Secret Vault.


Critical Controls for Modern Cloud Security

The rapid, iterative DevOps workflow exposes numerous security vulnerabilities. Download the whitepaper to see how PAM for the cloud lowers your risk.

Secret Server Hosting

Security Solutions as a service.
Maximize your password security,
Minimize your security risks.