A Toronto enterprise password management provider is expanding into the field of machine secrets management with the launch of a new product and an acquisition.
On Tuesday, 1Password launched Secrets Automation, a new way to easily secure, manage and orchestrate infrastructure secrets held in applications. These “secrets” include corporate credentials, API tokens, keys and certificates.
At the same time, the company said it had bought SecretHub, a Netherlands-based secrets management company that protects nearly 5 million enterprise secrets per month.
The SecretHub team and chief executive officer Marc Mackenbach will join 1Password immediately to help accelerate the Secrets Automation roadmap.
Secrets Automation allows developers to easily use, retrieve and set secrets that applications need without hardcoding passwords or sharing other needed secrets inappropriately, Carson Brown, 1Password’s senior product manager, said in an interview.
Secrets Automation, which runs within 1Password, integrates with services developers may already use, such as HashiCorp Vault, Terraform, Kubernetes and Ansible. There are also client libraries in the Go, Node and Python languages.
”This is something many customers have asked us to try and help them with,” Brown said. “All businesses that have any kind of infrastructure have this problem: You’ve got team-mates – your DevOps teams, you’re SREs (site reliability engineering) et cetera – who need to securely send secrets to one another. And then it has to be part of the infrastructure where their software runs.”
He added point solutions don’t solve the problem because they create “multiple sources of truth to manage.”
An example of this was the 2016 exposure of data on 57 million users and drivers of Uber cause when a software engineer accidentally placed a secret key into source code.
The pricing of Secrets Automation is on top of a 1Password subscription. It starts at $29 a month for 25 credits and goes up based on the number of password vaults created and accessed.
During setup, an administrator configures the number of1Password vaults that Secrets Automation can access. Specific permissions for accessing a development environment with tokens can be created.
All 1Password customers are allowed three credits for free so they can power a workflow with the sensitive data they keep in the password manager.
To help developers, Secrets Automation will be integrated with the GitHub development platform.
The acquisition of SecretHub came as 1Password began looking at entering the secrets management space, Brown said.
“The problems we want to solve align very much with the problems they want to solve … We saw them as complementary to the way our method of building products,” Brown said. “We put security and privacy first, and so do they. Their encryption is not too dissimilar from ours.”
The purchase price hasn’t been revealed.
Founded in 2006, 1Password had about 450 before the acquisition. About 150 were added last year, Brown says, in part because of the demand for enterprise password management with more corporate employees working from home.
The company says it has 80,000 business customers including IBM, Slack, GitLab and Dropbox.