Atlassian describes the Jira platform as a workflow engine that allows for the tracking of units of work through customizable workflows. Work in Jira is organized into projects, where you can define granular user permissions and assign roles to users and groups. Built-in project templates offer a way to get started quickly on particular project types, enabling an entire organization to track their issues at a project level with both control and complete transparency.
So you have a widely deployed technology platform that makes business flow—great. And you have many humans across the organization in technical and non-technical roles interacting with it—risky.
Many IT professionals struggle to automate the lifecycle of keys and certificates that serve as machine identities. Without automation, organizations can introduce manual errors in certificate requests and lack crucial information on where these critical security assets are installed. In addition, many organizations don’t know who controls access to each system where a machine identity is installed. These issues can lead to costly outages, affecting the reliability and availability of critical servers.
Recently I had the opportunity to meet with ServiceRocket, which was sponsored this year by the Machine Identity Management Development Fund. ServiceRocket has built an integration between Venafi and Atlassian Jira that will make it easier to bring engineering and InfoSec teams together when it comes to Machine Identity Management. In this continuing interview series with developers, I am speaking with Peter John Marquez who is the GM of ServiceRocket Apps and Managed Services.
Please start by giving us some background on ServiceRocket.
Peter: ServiceRocket is a Palo Alto-based company with offices in Sydney, Kuala Lumpur, Santiago, London, Singapore, Boston and Bengaluru. We are a trusted partner of fast-growing companies, helping them to grow and deliver amazing results. ServiceRocket are experts in building apps and bots on top of the Atlassian ecosystem and several other dynamic ecosystem platforms, supporting more than 5000 enterprises including AirAsia, Delta Airlines, NASA and the United Nations.
Describe the machine identity management challenge you were aiming to solve.
Peter: Automating the lifecycle of machine identities is critical, but it can be a struggle to integrate Venafi with work management tools like Jira, because the responsibility for machine identities spans multiple departments, including InfoSec and DevOps. Until now, managing machine identities required a lot of manual work and context switching between the two platforms.
If organizations don’t connect the two platforms, they are missing out on the important machine identity management capabilities provided by Venafi, adding unnecessary security risk, and impeding the adoption of policies set within Venafi.
How is ServiceRocket going to change that?
Peter: We are very excited to develop an Atlassian Jira app by ServiceRocket, which automates cross-functional TLS/SSL certificate workflow to improve productivity, enhances security by enforcing compliance with security policies defined in Venafi, and minimizes certificate-related outages.
This out-of-the-box integration makes it easy for engineers to access machine identities that comply with customer-defined Venafi policies. Specifically, they’ll be able to do the following through Jira:
- Download latest Venafi Platform policy
- Request certificate
- Download certificate
- Renew TLS certificate
- Revoke TLS certificate
The app will use the native Jira interface. Available fields will be updated based on Venafi policy. Engineering teams will now have a seamless, self-service way to manage certificates, and it ensures machine identities within their organization are secured.
How will organizations benefit from using the integration with Venafi?
Peter: The Atlassian Jira app will be published to the Atlassian Marketplace, and it offers these key features to Venafi customers:
- Automated TLS/SSL certificate management provides a self-service way for teams to create, renew or revoke certificates without manual effort or context switching.
- Direct Download, which means employees have a one-stop channel to request and download certificates.
- A Structured Request Form that ensures correct information is captured to generate the certificate.
- Integration with Jira Service Desk which allows teams to leverage ITSM solution features to manage workflow.
- Connections with both Venafi Trust Protection Platform and Venafi Cloud DevOpsACCELERATE to enforce security policies defined in Venafi.
- Responsive, global tech support available to answer questions and move past any roadblocks—especially during evaluation and implementation.
ServiceRocket’s Atlassian Jira app is available now. Find more info on the Venafi Marketplace, and stay tuned for future interviews with Machine Identity Management Development Fund recipients.
This blog features solutions from the ever-growing Venafi Ecosystem, where industry leaders are building and collaborating to protect more machine identities across organizations like yours. Learn more about how the Venafi Technology Network is evolving above and beyond just technical integrations.