What is Secrets Management?

Показать описание

How are you making sure that your secrets are securely stored so that you can avoid data breaches, as well as chaos in your DevOps workflows?

In this lightboard video, Alex Greer with IBM Cloud, visually breaks down what a secret is and how a secrets management service can help to ensure the secure storage of secrets so that you don't have to worry about data breaches from mismanaged credentials.

#SecretsManagement #CloudSecurity #DataBreach

Рекомендации по теме

Комментарии

Thanks for this. Kudos to the PM who thought of this. This feels like a much needed product. Thank you and kudos to the teams for making this happen.

stanleysoman

I'm still confused. How does this "request" process to the secret manager happens? In my understanding, the secret manager will only approve the "request" if the requestor can somehow prove that he/she is who he/she claims to be. But, isn't that means we are still dealing with user credentials here? So what does the secret manager really achieve? Is it just adding a centralized layer so that we can easily "revoke" a permission from a particular user to particular service?

mycotina

That just kicks the ball down the street one level of indirection. It’s better and you can using the centralized mechanism fix a breach but the client still is the weak link. Thx for the videos. They are all interesting.

rickharold

The title of the video is somewhat confusing. It mostly goes over the usages of secret management and doesnt even scratch the surface of HOW this is implemented (i.e. HSM). I'd love to see more of latter.

shayberkovich

Requester - AD/Cloiud permission under IAM Policies and protocols - Gaining level of acesss - 9 Minutes Clip ?

dasaribrahmanaidu

I needed this. Does anyone knows a similar secret store manager like the IBM DCM and google secret manager?

MBlessing

I need to login via single sign on Application.
Prompts network credentials on this single sign on Page.
What if I create synthetic ID(user/pwd)?
Store them in Secret Mgr.
I still would need user and password to login to SSO App for Automated Testing .
Only difference is I now get the credentials calling SMS?
🤔
Is this ok Data Breach ?

truthexclusive

What is Secrets Management?

What is Secrets Management?

Best practices for secrets management

Secrets Management and DevSecOps: An Enterprise Maturity Model

Understanding AWS Secrets Manager - AWS Online Tech Talks

Understand secrets management in Kubernetes

HashiCorp Vault Explained in 180 seconds

What are secrets and how we use them in software development

5 best practices for secrets management

Top Leadership Coach Reveals Hiring Secrets for GROWTH

The Rise of Secrets Management

What is AWS Secrets Manager | Amazon Web Services

AWS Secrets Manager - What And Why

Hello CISO - Episode 7: Secrets Management and Infrastructure

Is secrets management a solved problem? Panel discussion

Our Journey Into Secrets Management With Vault

Secret Management with Hashicorp's Vault • Daniel Bornkessel • GOTO 2018

KeyConf NYC - Secrets Management at Enterprise Scale - Dr Conor Mancone

Best Approach to Secrets Management - Webinar with Chef

The Key to Strong Cloud Security: Secrets Management

Manage Kubernetes Secrets With External Secrets Operator (ESO)

Secret Management for Modern Apps Explained

Kubernetes Secrets Management with ESO | Kubernetes Tutorial | KodeKloud

The CISO's Guide to Secrets Management

How to Properly Manage Application Secrets (5 LEVELS)