Doppler Launches ‘Change Requests’ to Strengthen Secrets Management Security with Audited Approvals
SAN FRANCISCO, Oct. 03, 2024 (GLOBE NEWSWIRE) — Doppler, the leading platform in secrets management, today announces the launch of Change Requests, a new feature providing engineering teams with a secure, auditable approval process for managing and controlling secret changes across environments. Designed to enhance security, compliance, and team collaboration, Change Requests gives organizations the tools to mitigate the potential risks from misconfigurations or unauthorized changes and maintain a comprehensive audit trail of all secret modifications. This launch comes at a time when organizations are facing increased security and compliance demands, particularly in managing sensitive information.
As security breaches and insider threats continue to rise, managing secrets has become a growing challenge for teams of all sizes; protecting sensitive information at every stage of the software development lifecycle is critical. According to a recent study by Cybersecurity Ventures, cybercrime damages are expected to cost the world $9.5 trillion in 2024 alone, and compromised secrets and misconfigurations remain significant factors in these attacks. In 2023, GitGuardian reported that there were 12.8 million incidents of exposed secrets on Github which is an increase of 28% from 2022, highlighting the need for tighter controls over sensitive information.
Doppler’s Change Requests is designed to address these risks by introducing a formalized, auditable approval process for secrets management. This feature offers teams a centralized and controlled way to manage changes to sensitive information while maintaining full visibility into who made updates and when.
Addressing Needs for Security and Compliance
- Reducing Misconfiguration: According to the most recent Verizon Data Breach Investigation Report, breaches as a result of errors grew by 28%. By treating secret changes like code, Doppler seeks to help companies decrease this number and reduce the chances of misconfigurations reaching production. With Change Requests, organizations can require peer reviews and approvals for every configuration change to ensure all updates undergo proper scrutiny before being deployed.
- The Growing Compliance Burden: Cybersecurity standards are increasingly holding companies accountable for how they handle sensitive data. Organizations need clear audit trails and compliance-friendly processes. Paired with detailed activity logging, Change Requests further eases the burden teams face by keeping a complete, auditable trail of every request, review, and change, providing a fully traceable history.
- Enforce Security with Controlled Access: As teams grow, so does the complexity of managing secrets. Organizations can safeguard sensitive secrets with custom roles and user groups by enforcing a structured approval process, ensuring only authorized personnel can make critical updates. This helps prevent unauthorized changes and boosts their overall security posture while keeping teams nimble.
Building Trust Through Security
“It’s incredibly exciting to ship our most demanded feature by both developers and enterprises! Just as pull requests have increased the level of trust with production code, Doppler will fill that long awaited gap with secrets,” said Brian Vallelunga, CEO of Doppler. “I’m confident that Doppler’s Change Requests is going to establish a new paradigm for managing secrets securely at enterprise scale—undergoing approval, maintaining a rich audit trail for security and compliance, and integrating natively with production infrastructure for uninterrupted, no-downtime rollouts.”
Availability
The Change Requests feature is available now for all users on Doppler’s Enterprise plan. To learn more about implementing Change Requests and how it can improve the organization’s security and compliance efforts, users can visit Doppler’s documentation.
About Doppler
Doppler is the leading platform for managing secrets such as environment variables, API keys, and tokens in a centralized, secure, and scalable way. Trusted by thousands of security-conscious teams around the world, Doppler provides developers with the tools they need to keep secrets in sync across every app, service, and infrastructure. Built with security in mind, Doppler offers robust integrations, comprehensive logging, and enterprise-grade encryption to ensure sensitive data remains protected throughout its lifecycle.
Contact
Doppler Press
press@doppler.com