We keep our credentials and secrets in .env files, env variables, and config files. We share that data often in an insecure way. We rarely think about if we are making it easy for someone to access our data. Do you understand what happens after the breach?
This talk looks into the business repercussions of weak secrets management; we go over the typical patterns of use and why they might be harmful. We shall also look at ways to improve this situation and decrease the fallout in case the worst happens.