Secure your database change pipelines

Make sure you have a solid traceability history by using automated tools to retrieve credentials from repositories or “vaults”. Not only do we log the event itself, but also the triggering of the event and the contents of the change.

Liquibase works with secure password automation tools like HashiCorp Vault and Oracle Wallet. Many CI/CD tools such as Jenkins, UCD, Azure DevOps, and others allow for securely storing credentials and retrieving them at runtime.

Automating changes minimizes security vulnerabilities by eliminating manual reviews and manual rework of database changes.  Ensure that only good, secure SQL changes get put into production to improve quality and while speeding up the overall flow through your pipeline.

Liquibase offers Policy Checks for on-demand database code validation. Rules ensure database code is safe and compliant before it ever gets to production. Your team can process different types of rules and choose how you’d like the system to automatically handle them.

Detecting variances between the actual and expected states of your database quickly and reliably is important and incredibly helpful from a security standpoint. Liquibase can detect drift by using snapshots and diff functionality when set up in automation.

Liquibase takes a snapshot after every database deployment, puts it in version control, and regularly compares your databases. You can set up alerts if the states of the databases don’t match so your team can promptly investigate potential issues.