• CUSTOMER LOGIN
  • Products
    • TPRM by ThirdPartyTrust
    • Beacon by ThirdPartyTrust
  • Company
    • About us
    • Partners
    • Product Security
    • Privacy Policy
REQUEST DEMO
  • Products
    • TPRM by ThirdPartyTrust
    • Beacon by ThirdPartyTrust
  • Company
    • About us
    • Partners
    • Product Security
    • Privacy Policy
REQUEST DEMO
  • CUSTOMER LOGIN
  • Products
    • TPRM by ThirdPartyTrust
    • Beacon by ThirdPartyTrust
  • Company
    • About us
    • Partners
    • Product Security
    • Privacy Policy
REQUEST DEMO
  • CUSTOMER LOGIN
  • Products
    • TPRM by ThirdPartyTrust
    • Beacon by ThirdPartyTrust
  • Company
    • About us
    • Partners
    • Product Security
    • Privacy Policy
REQUEST DEMO
  • PARTNERS LOGIN
  • CONTACT US
  • PRIVACY POLICY

Starting off 2021 with Major Releases in the ThirdPartyTrust Platform

Published by Frank on March 25, 2021
Categories
  • Blog
Tags
  • Product News
  • TPRM Best Practices
Major-Releases-in-the-ThirdPartyTrust-Platform

Over the past weeks, our Engineering team has been working on exciting major releases in the ThirdPartyTrust platform, including a new and improved Kubernetes cluster. This upgrade will make it easier and quicker to introduce changes and manage configuration items for each of our environments (development, testing, demo, stable). As the Head of DevOps at ThirdPartyTrust, I’m excited to tell you everything about this project.

 

Introducing the ThirdPartyTrust Kubernetes Cluster Using GitOps

Although most of our processes were already automated, they would be performed via a script. The script was a fast way of automating all the manual work in order to deploy the different artifacts in the different environments. However, this still required copying and pasting code, which was not scalable when we needed to make changes across our infrastructure. 

We needed to decentralize and have smaller pieces of reusable code across all environments. This makes them easier to maintain, modify, or even replace.

 

Why is this update so important?

We have improved visibility over our infrastructure and developed more reliable pipelines to build and deploy code. Our delivery methods are stronger than before. Instead of some down times during upgrades we now have more secure and stable releases, and we’re on our way to zero downtime releases.

Zero downtime releases will allow us to deploy faster, new code, not only throughout the maintenance window but also throughout the day, knowing that we can roll back securely without affecting our customers.

The way I see it, these are the biggest benefits:

 

  • Deploying new features will be easier, faster, and more reliable
  • Added more robust rate limiting capabilities
  • Serve more traffic in a cost effective manner
  • Reproduce the cluster at any time (DR)
  • Increasing visibility to detect and mitigate any issues at an early stage
  • Reducing costs on the development infrastructure

 

How does this impact ThirdPartyTrust?

These changes will allow ThirdPartyTrust to release features in a faster, more secure and reliable way. This will in turn allow our team to innovate more and release fixes quicker.

In times where everything is moving so fast, this level of flexibility becomes a competitive advantage.

 

Secret Management: The Place Where it all Began 

The first thing we need to know is that our software delivery approach is called GitOps. The GitOps methodology is all about implementing Continuous Deployment for cloud native applications —it basically says that your source of truth for every single item deployed in the infrastructure is in the Git repository.

This means that everything that’s deployed at any time can be seen by anyone without having to have access to the cluster, but by just inspecting the Git repository.

So when we deploy everything in the repository, we need to manage the secrets. A secret is a configuration item that could be a password, or a license key for a vendor service, or something similar. It is critical to hide the secrets not only from the people that don’t actually need to work with them but also from external parties —such as cybercriminals.

We have already replaced our secret management system with a state of the art encryption system. Now we have taken our security measure to the next level and have everything encrypted at rest in our Git repositories. 

With the  integration to our ticketing system, this improves the traceability as to who made a change, when it was done, and why it was done.

 

Why Should Secret Management be a Cybersecurity Priority for all Organizations?

Secret management is one of the cybersecurity aspects that most people tend to minimize. If for some reason secrets are exposed, an attacker could actually use those keys to impersonate an identity and gather data from the network of customers or employees, and use that information for more attacks.

Nowadays data is the new oil and we need to be very careful with how we manage our secrets and who has access to them.

Here go some useful tips:

 

  • Rotating the passwords periodically
  • Using multi-factor authentication for all your platforms and tooling
  • Having an up-to-date infrastructure to leverage open source tools and blog posts of specialists or companies that have already gone through this
  • Start small, but start now. Grab a piece of code or an item that can be delivered automatically has the least impact on the rest of your application, and try to automate it using this GitOps approach.
    • Look for the tools that best meet your needs; it could be Flux CD, Argo or a Rancher fleet.
  • Spend some time using this approach with that single feature, and then gradually introduce other features as well. The more you use it the more you will learn.

These best practices will always make for a more secure platform and a more secure company. Protecting our infrastructure is a way to protect our customer’s data too.

 

What are the next steps or major releases in the ThirdPartyTrust platform?

There is more to come on this front, like the ability to autoscale the infrastructure and recover faster as the platform’s activity increases. As you might know, we’ve experienced a huge surge in traffic as our network has recently reached 17,000+ vendors assessed and this number continues to grow at an amazing pace year over year.

These changes will also allow us to use state-of-the-art tools in various fields such as monitoring, admission controllers, logging, and the ability to handle increased traffic.

In addition to that, having automated the infrastructure creation into the software deployment allows us to start thinking about an automatic disaster recovery strategy.

And as always, these are just iterations and continuous improvements on the quality of the service we deliver to our customers.

 

Final thoughts

I’m pretty excited that we have reached this point. I want to thank my DevOps Team and the entire Engineering Team at ThirdPartyTrust for their amazing work and support on this huge project. 

We are at a point where we can start analyzing new scenarios to keep up with what people expect as practitioners of technology and cloud-based apps. These are exciting times!

 


 

 

To learn more about how ThirdPartyTrust can help you streamline your third-party risk assessment and monitoring process, request your free trial now:

 

 

 

Trial Account Sign-Up

Frank
Frank
  • Phone
    |+1-617-245-0469
  • Address
    |
    111 Huntington Ave, Suite 2010, Boston, MA 02199
  • Sales
    |sales@bitsighttech.com
  • Contact Us
Laika_SOC2_TypeI_PurpleIris        CSA_Trusted_Cloud_Provider

©2022 ThirdPartyTrust, LLC and its Affiliates. All Rights Reserved. | 111 Huntington Ave. Suite 2010 Boston, MA 02199
  • PARTNERS LOGIN
  • CONTACT US
  • PRIVACY POLICY
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Do not sell my personal information.
Reject AllAccept
Cookie Settings
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT