An Overview of cloud-Native secret Management presented at BSidesChicago 2018

by Yuechuan Chen,

Summary : Secret management is one of those things that everyone needs to do but is challenging to do correctly. Secrets such as API Keys, tokens, and database passwords are difficult to manage and store due to their sensitive nature. Many developers including myself have had the experience of accidentally checking in API keys into version controls, or composing database passwords in container images. This presentation aims to raise awareness of the importance of secret management, to identify desirable characteristics of a Sec Mgnt solution and to present the audience with an overview of the existing in-cloud and on-premise solutions.