Episode 14: DevOps Secret Management

Episode 14 January 14, 2020 00:30:45
Episode 14: DevOps Secret Management
SilverLining IL
Episode 14: DevOps Secret Management

Jan 14 2020 | 00:30:45

/

Hosted By

Moshe Ferber Ariel Munafo

Show Notes

Attendees

Guest: Oded Hareven

Guest title:  Founder & CEO

Company:  A-Key-Less

Abstract

Application Secret management is becoming one of the biggest challenges for application security. With cloud, CI/CD and micro services architecture we discover that we are using a growing number of encryption keys, API keys, SSH keys tokens and connection strings. In this episode we talk with Oded HarEven, Founder at A-Key-Less about the challenges of secret management and the way to build secure secret management solution.

Timing

0:00

Intro and introducing our guest

1:40

Application secret management  - defining what secret is, and what is secret management

6.00 

Challenges with encryption keys 

9:47  

How to handle application secret management and encryption keys - requirements and best practices

12.25

Zero trust in key management - what does it mean and how to implement it

20:10

The process of integrating keys with cloud platform

25:35

A-Key-Less state of the market approach

27.35

Summary and conclusions

Other Episodes

Episode 19

August 02, 2020 00:40:22
Episode Cover

Episode 19: Understanding Cloud Attack Vectors

Attendees Guest: Or Kamara Guest Title:  Senior team lead  Company:  Synk Abstract Cloud computing can bring interesting and new attack vectors. In this episode,...

Listen

Episode 28

November 11, 2020 00:29:02
Episode Cover

Episode 28: Analyzing Cloud Attack Vectors - SaaS Marketplaces and Office 365 BEC

Attendees Guest: Ofer Maor Guest title: Co-Founder & CTO  Company: Mitiga Abstract The recent increase of cloud based attacks gives us an opportunity to...

Listen

Episode 31

December 23, 2020 00:32:14
Episode Cover

Episode 31: Understanding Cloud Native Security Basics

Attendees Guest: Benjy Portnoy Guest Title: Sr. Director, Solution Architects Company: Aqua Security Abstract A cloud-native security strategy entails protecting the infrastructure, build, and...

Listen