Session

Secrets Security End-To-End

Credentials allow human-to-machine and machine-to-machine communication. According to recent research, 93% of organizations had two or more identity-related breaches in the past year. It is clear that we need to address this growing issue. Unfortunately, many organizations are OK with using plaintext credentials, which we should all know not to do by now.

These go beyond just adding these credentials to build systems and into our code. Secrets sprawl into our local scripts, communication tools, and project management tickets daily. Attackers know this and are counting on you not getting a handle on the problem by the time they break in.

Given the scope of the problem, what can we do? Let's make a plan!
- Secrets Detection
- Secrets Management
- Developer Workflows
- Secrets Scanning
- Automatic Rotation

By the end of this session, you should have a clear roadmap for taming the machine identity mess in your code and pipelines.

Dwayne McDaniel

Developer Advocate at GitGuardian and huge fan of open source

Chicago, Illinois, United States

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top