Episode: Managing Secrets
Hello and welcome to this new episode of the null++ podcast. In today's episode, we will quickly go over managing secrets, the secrets lifecycle, and the available tools and practices that can help you keep your secrets secure and risk-free.
Key phases of a secret’s lifecycle
- Creation – Secrets can either be created manually by a user or generated automatically.
- Storage – Secrets can be stored centrally or separately, using designated solutions (a PAM-based secrets management tool or password manager) or common approaches (in a text file, on a shared disk, email, etc.).
- Rotation – Secrets can be changed or reset on a schedule, thus improving the overall protection of an organization’s infrastructure. Secrets rotation is one of the key requirements of many regulations and standards.
- Revocation – Secrets can be revoked in the case of a cybersecurity incident. Thanks to this measure, organizations can prevent or limit the negative consequences of an incident and make sure that attackers can’t use compromised credentials to access the organization’s critical resources, systems, endpoints, or applications.
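
The four phases above, walked through with a small in-memory store. This is an added example, not code from the episode or from any tool it mentions. The class, its method names and the `max_age_seconds` policy are hypothetical, and it assumes an API-token style secret that the store only has to verify, so it keeps a digest instead of the plaintext.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass


@dataclass
class SecretVersion:
    digest: bytes          # Storage: only a SHA-256 digest is kept, never the plaintext
    created_at: float      # timestamp in seconds, used by the rotation policy
    revoked: bool = False


class SecretStore:
    """Hypothetical in-memory store that takes a secret through all four phases."""

    def __init__(self, max_age_seconds):
        self.max_age = max_age_seconds
        self.versions = {}  # secret name -> list of SecretVersion, newest last

    def create(self, name, now):
        # Creation: generated automatically from the OS CSPRNG, not typed by a user
        token = secrets.token_urlsafe(32)
        digest = hashlib.sha256(token.encode()).digest()
        self.versions.setdefault(name, []).append(SecretVersion(digest, now))
        return token  # handed to the caller once; the store cannot recover it later

    def needs_rotation(self, name, now):
        current = self.versions[name][-1]
        return current.revoked or now - current.created_at >= self.max_age

    def rotate(self, name, now):
        # Rotation: retire every earlier version, then issue a fresh one
        self.revoke(name)
        return self.create(name, now)

    def revoke(self, name):
        # Revocation: after an incident, all versions stop working immediately
        for version in self.versions.get(name, []):
            version.revoked = True

    def verify(self, name, presented, now):
        digest = hashlib.sha256(presented.encode()).digest()
        for version in self.versions.get(name, []):
            if hmac.compare_digest(version.digest, digest):
                expired = now - version.created_at >= self.max_age
                return not (version.revoked or expired)
        return False
```
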
Available open source tools
Tools to encrypt data in git repositories