Developer-on-Duty Automated Access
With PagerDuty & Apono

 

The PagerDuty incident response management solution notifies on-call dev. teams regarding incidents and orchestrates pre-defined teams to support production issues affecting availability and service level.

Getting access to the resources needed required to resolve the issue is a different story.

To avoid increasing friction between departments, the most common way of providing on-call teams with access is to provide admin access.

“Before we had Apono, developers who needed access to fix something in production or look into a database, actually had to connect with the DevOps team to get permissions. It might take time because the team is busy. so in certain cases, they actually got more privileged than needed.”

Openweb Logo – Apono Access Automation

Yaron Blachman

CTO & CISO @ OpenWeb

Incident Response Access Automation

Real-time events require real-time access. Permissions should not be your bottleneck nor your Achilles heel.

Least Privileges to Production Resources

Apono’s integration with PagerDuty enables the creation of access policies that are synced with PagerDuty on-call groups, validating that the requester is on-call, and allocating the minimum amount of resources needed to resolve the incidents.

  • Grant users only as much required access as needed to effectively resolve the incident.  
  • Advance permission management allows “Just-in-Time” access duration limitation.
PagerDuty Access Automation – Apono
chatops Approval Workflow – Slack – Apono Access Automation

Respond Faster While Maintaining Your Security Posture

Easily create declarative access flows that gain contextual authorization information from PagerDuty 

  • On-call “Responder” groups can be used to assure only the Devs-on-Duty are granted access.
  • On-call “Approver” groups are synced to maintain compliance requirements and approval processes. 
  • ChatOps approval workflow simplifies the permission-granting process by utilizing tools already adopted by your organization (Slack, Teams).

Automated Contextual Access Granting

The contextual data given by Apono’s PagerDuty Integration, in conjunction with IDP and Chatops integrations allows the creation of contextual automated access flows.

  • User authentication validation through company Identity Provider (IDP).
  • User PagerDuty on-call status is validated through the PagerDuty integration.
  • ChatOps integration for end users to easily get the permissions needed, when needed.
Break Glass - Automatically Approved Access Flows
Apono – Secure access managment for the public cloud

Automatically Given, Automatically Revoked  

 

Create access flows that are automatically revoked according to predefined parameters.

  • Automatically revoke standing privileges, reduce risk to pre-incident status.  
  • Maintain a full access trail that satisfies customer security requirements and maintains a full audit log.
  • Admins can manually revoke access to all production resources from within Apono at any point of the access duration

Bring a Frictionless Experience to Your Organization

Limit

Access to reduce your human errors in production

Grant

Automatically secured access to incident response teams

Revoke

Permissions automatically, reducing standing privileges risk