Secretless & the End of Application Secrets as We Know Them – Brian Kelly – ESW #191
Passwords, keys, and other secrets are becoming an outdated technique for applications to use. They are usually over-privileged, easy to steal, and very hard to handle securely. Developers frequently log them by accident or stash them in unsafe places. The Secretless pattern is a new way of architecting applications that guarantees that the application never handles the secrets it needs to access databases or other secure resources. Secretless architectures open up a whole set of opportunities for a new model of secure application development and governance. This segment is sponsored by CyberArk.
Visit https://securityweekly.com/cyberark to learn more about them!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Guest
Brian is Head of Conjur Engineering for CyberArk. He leads the R&D teams focused on DevOps integration products. Brian has over 20 years of experience as a software leader, having been a VP of Engineering at multiple technology companies prior to joining CyberArk. He has deep experience in DevOps, cybersecurity, distributed systems, and SaaS. His current professional focus is on increasing the security of application development while also the kind of high velocity that markets now demand.