The natural next step for every enterprise is going for a Cloud Native experience and fully leveraging innovating services that were born in the cloud. To maximize the benefits like costs, speed, and agility most businesses are choosing a platform approach-based service that can support modern CI/CD processes. GitLab is such a challenger, which is recognized by Gartner as a serious player in the CI/CD and Application Release Orchestration market. GitLab CI/CD is the product that helps customers to speed up delivery and agility by fully embracing containerization and maximize the profits of a cloud platform. Many organizations make the mistake that they think security is fully arranged, but only basic security is built into the platform. Based on shared responsibility, teams are still responsible for the security of what is running in the cloud. This results in the fact that afterwards they still have to retrofit security controls into the software development pipelines. Still too often security is seen as already arranged or a speed bump to be avoided.
This Machine Identity Management Development Fund project seeks to make Venafi CodeSign Protect a closely integrated service in the Cloud Native market with containers to enable DevOps to go fast with GitLab CI/CD and furthermore transform them to solid DevSecOps teams. The platform will be configured by default for security to protect code signing machine identities and delivers the visibility, intelligence, control, and automation modern Security teams demand.
The Fullstaq delivered GitLab integration package for Venafi CodeSign Protect will be released under Apache 2.0 and hosted from the Fullstaq GitHub.