"Hush Security today emerged from stealth to provide an alternative approach to protecting application secrets using a platform that is designed to continuously discover them and then apply access controls based on policies defined by an IT team. Fresh off raising $11 million in funding, company CEO Micha Rave said the Hush Security platform eliminates the need to rely on legacy vaults and secrets managers that were not designed to meet the requirements of modern application environments based on microservices that need to dynamically access secrets."
"Rather than incur the latency overhead created by accessing secrets stored in a vault, Rave said the Hush Security platform is instead able to enforce access controls at runtime using the open source Secure Production Identity Framework For Everyone (SPIFFE) identity control plane now being advanced under the auspices of the Cloud Native Computing Foundation (CNCF). The SPIFFE framework itself, however, is challenging for DevOps teams to implement,"
"so Hush Security has opted for an approach that embeds it in a platform that dynamically manages access to applications, noted Rave. That capability will be especially critical in an artificial intelligence (AI) era that will soon lead to the deployment of thousands of AI agents that will need a low-latency method to access secrets to access data and services that also ensure least privilege access policies based on identity are enforced on a just-in-time basis, he added."
Hush Security provides a runtime platform that continuously discovers application secrets and enforces access controls based on IT-defined policies. The platform reduces reliance on legacy vaults and secrets managers that introduce latency and are unsuited to dynamic microservices. Runtime enforcement leverages the SPIFFE identity control plane while embedding SPIFFE to simplify DevOps implementation. The approach eliminates credentials to reduce the primary vector for cybercriminals. The platform maps every workload, service, and AI agent from code to runtime, enabling detection, assessment, and prioritization of risks and compliance while supporting low-latency, least-privilege access for large-scale AI agent deployments.
Read at DevOps.com
Unable to calculate read time
Collection
[
|
...
]