Rotating Secrets At Scale, Automatically, and With High Availability - Kenton McDonough

Presented by

Dwayne McDaniel - Developer Advocate at GitGuardian

About this talk

In this episode of The Security Repo Podcast, we take a look at how to do secret rotation reliably in a highly available system. We are joined by Kenton McDonough. Kent got his MS in Computer Science from Virginia Tech in 2021 with a focus on systems and networking. He currently does security automation for Viasat Inc, a global satellite internet service provider, with an emphasis on credential management and RBAC systems. We walk through the tech stack that Kent works with, which includes a little of everything. We revisit his talk topic at BSides Las Vegas 2024 with a discussion of 'blue/green' secrets rotation. By the end, we uncover some best practices to keep in mind when architecting a scalable, highly available application with regard to secrets management.

Links shared in the episode: kent07[at]bt.edu