Secrets Management
TLDR: Build and runtime secrets are stored securely and documented appropriately.
Rationale: Leaked secrets such as API keys, cryptographic keys, and identity tokens are a common attack scenario.
Background
Secrets must be stored in a secure way and documented in a central place. Cryptographic failures are the second highest risk in the OWASP Top Ten, so rigor and process are essential.