LISA17 - Your Secrets in Cloud-Based Key Management Services





The interactive transcript could not be loaded.


Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Nov 15, 2017

Dan O'Boyle, Stack Overflow

Do you encrypt secrets before committing them to a repository?

Are API keys and passwords stored in a local library any team member can decrypt?

Are you forced to re-encrypt all secrets anytime access has changed?

Stop doing those things! Cloud Based Key Management Services (Google KMS, Azure Key Vault, Amazon KMS) provide encryption keys as a service. KMS create a centralized access control list. Using a KMS, you can centralize secrets, removing them from local libraries. Key rotation can be automated, often times making a KMS more secure than local key management practices.

View the full LISA17 program: https://www.usenix.org/lisa17/program


to add this to Watch Later

Add to

Loading playlists...