Best Practices for Managing Secrets in Multi-cloud Environments

Presented by

Shikha Chawla and Scott Webster, Adobe

About this talk

The need to properly manage secrets is an essential part of the software development lifecycle. It can also be a tedious and time-consuming, not to mention error-prone, effort. Having a strong, enforced policy on secret rotation is essential. But it can also be complicated. First, you need to determine where all of your secrets are used, then you need to generate new ones, document this happened and why, put new secrets wherever they are supposed to be used, and also document the entire process in the end — preferably without breaking everything. You are likely wondering with all of this complication if it is even possible to come up with a way to properly manage secrets, especially in diverse, multi-cloud environments. The key is to look at this as a coding problem with a coding solution. Join Shikha Chawla, lead architect for Adobe I/O, and Scott Webster, cloud engineer, for insight into best practices for implementing an automated approach to secrets management. They will discuss what we have learned here at Adobe that works best for our application development and security teams that we hope will provide solid guidance you can use to implement your own automation program for secrets management.

Related topics:

About this channel

Cloud Security Alliance: CloudBytes
Upcoming talks (20)
On-demand talks (579)
Subscribers (42355)
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa