Autopilot helps security managers to implement DevSecops by integrating security best practices as a part of the CI/CD pipeline. Security managers can assess and mitigate risks while frequently deploying software into production.

Overview

Following are the key benefits of the features.

1. DevSecOps: You can use Autopilot to integrate security checks in the delivery automation tools like Spinnaker. Autopilot can integrate with any SAST (like SonarQube) or DAST tools (like Aquawave and HCL App Scanner), ensure security checks are not bypassed during the delivery process and provide the results in the approval dashboard. In case of any issues, Autopilot can notify developers to work on the issue or allow the deployment by dismissing false positives.

2. RBAC: Autopilot provides RBAC for all the resources that a CD solution manages. This granular control allows developers to self-service and establishes control for the resources without requiring the administrator’s assistance. It also ensures proper security is available for those who can deploy to specific targets, use or edit a policy, or approve a particular service to production.

3. Standard Authentication: Autopilot provides the ability to DevSecOps managers to restrict access to pipelines, projects, and accounts by hooking into the authentication systems that you are already using, such as OAuth, SAML, LDAP, X.509 certs, Google groups, Azure groups, or GitHub teams.