Secrets Management in a Cloud Agnostic World

Stop us if you’ve heard this one before. Secrets management is hard and, in the days of tools like Trufflehog, finding secrets in public repositories is easy: just point and click. So it was a day-1 initiative of Cruise’s Security team to ensure we have secrets management as a primary consideration for application and service owners during our software development lifecycle. Before we examine the specifics of what that looks like, we should take a moment to consider some of the challenges that every organization and individual faces when storing secrets.


Comments

Be the first to comment !



Related Posts


Bill Mulligan , 4 months ago

Cloud Native Best Business Practices (Part 2) — Klusters as Kattle

The analogy of Pets vs Cattle has become one of the core concepts of a DevOps service model. The ..

Bill Mulligan , 3 months ago

Cloud Native Best Business Practices (Part 3) — Open Source

This blog is the third of a seven-part series providing a roadmap to help teams build the busines..

Bill Mulligan , 2 months ago

Cloud Native Best Business Practices (Part 4): Automatic Backup And Disaster Recovery

To quote Michael Dell, “the cloud isn’t a place, it’s a way of doing IT.“ As IT becomes more and ..

2 months, 2 weeks ago

Cloud Native Application From Scratch - Kamil Hajduczenia

Ready to see some code? Containers, microservices, GKE, and more. Dive deep into application deve..

2 months, 1 week ago

Cisco Simplifies Kubernetes Container Deployment With Microsoft Azure Collaboration

Microsoft's Azure Kubernetes Service (AKS) has been added to the Kubernetes managed services that..

2 months, 4 weeks ago

Gitlab And Google Webcast - Running Containerized Applications on Modern Serverless Platforms

In this webcast, we'll walk through some of the benefits and challenges of using cloud-vendor-spe..

-->