Session

Long Live Short Lived Credentials - Auto-rotating Secrets At Scale

By now, you are very likely aware of the problem of secrets sprawl. Millions of hardcoded plaintext credentials keep showing up online in easy-to-scan places year after year. Worse yet, adversaries have gotten very good at exfiltrating and validating these secrets. Rotating the key or password after an attack is far too late.

What if every credential that an adversary could find expired before they could exploit it? What if keys, just a few hours old, no longer worked?

Let's embrace a future of proper secrets management and auto-rotating secrets. It might seem overwhelming at first to consider accomplishing this, especially if you have never tackled secrets management before, but for many systems, this is easier to achieve than you might realize.

In this session, you will:
- Get an update on the state of secrets sprawl
- Diagram auto-rotation architectures
- Plan a secrets audit and code refactor strategy
- Start the email that will help you convince the team

Dwayne McDaniel

Developer Advocate at GitGuardian and huge fan of open source

Chicago, Illinois, United States
