null++: بالعربي

Episode[39]: Managing Secrets

Episode Summary

Hello & welcome to this new episode from the null++ podcast. In today's episode, we will go quickly over the topic of managing secrets, the secrets lifecycle, and the available tools and practices that could help you with keeping your secrets secure and risk-free.

Episode Notes

Key phases of a secret’s lifecycle

• *Creation – Secrets can either be created manually by a user or generated automatically.
• *Storage – Secrets can be stored centrally or separately, using designated solutions (a PAM-based secrets management tool or password manager) or common approaches (in a text file, on a shared disk, email, etc.).
• *Rotation – Secrets can be changed or reset on a schedule, thus improving the overall protection of an organization’s infrastructure. Secrets rotation is one of the key requirements of many regulations and standards.
• *Revocation – Secrets can be revoked in the case of a cybersecurity incident. Thanks to this measure, organizations can prevent or limit the negative consequences of an incident and make sure that attackers can’t use compromised credentials for accessing your organization’s critical resources, systems, endpoints, or applications.

Available open source tools

• Keywhiz
• knox By Pintrest
• CONFIDANT By Lyft
• Vault By Harshicorp

Tools to encrypt data in git repositories

• blackbox By StackExchange
• git-secret
• git-crypt 

Episode Picks:

• Luay:  refactoring.guru
• Alfy: Master the Skill of Debugging CSS Book.