Hard coding secrets – usernames, passwords, tokens, API keys, and more – is a risky practice that’s been around for as long as developers have been writing code. This problem is far from solved. In fact, hardcoded secrets are increasing in prevalence due to modern micro-service based architectures in which comments and services need to securely authenticate with each other and establish authorization mechanisms.
Tackling the problem of hardcoded secrets is not something most organizations do over night. Doing it right requires a combination of approaches, technology, processes and organizational buy-in. In this session, you’ll learn how to build an effective secrets management program using a maturity model that helps you assess your current capabilities and plan your next steps. This session covers: What hardcoded secrets are Why hardcoded secrets are a security risk How to detect and remediate hardcoded secrets How to use the maturity model to effectively manage your organization’s use of secrets
Orion Cassetto - Sr. Director of Product Marketing, Cycode