IAM Radar - Identity & Access Management Industry Tracker

IAM Radar - Identity & Access Management Industry Tracker

Share this post

IAM Radar - Identity & Access Management Industry Tracker
IAM Radar - Identity & Access Management Industry Tracker
Secrets Management: Meeting Developers Where They Are - CyberArk
Copy link
Facebook
Email
Notes
More

Secrets Management: Meeting Developers Where They Are - CyberArk

The Cyber Hut's avatar
The Cyber Hut
Mar 06, 2023
∙ Paid

Share this post

IAM Radar - Identity & Access Management Industry Tracker
IAM Radar - Identity & Access Management Industry Tracker
Secrets Management: Meeting Developers Where They Are - CyberArk
Copy link
Facebook
Email
Notes
More
Share

Original Article

There’s always a balancing act when it comes to building and deploying cloud-native applications in environments like Amazon Web Services (AWS). The whole point of moving production to the cloud is that developers can move faster than ever before, innovating and shipping new features on a daily basis. But that same speed can be an organization’s downfall if development outpaces security processes and accidentally exposes secrets or other credentials to potential attackers.

On the one hand, you’ve got 71% of organizations developing and deploying cloud-native apps, according to the Enterprise Strategy Group’s (ESG) 2023 Technology Spending Intentions Survey. On the other hand, 70% of organizations from another ESG report believe they have more than 50 secrets embedded just in their Git repositories, and 31% experienced a cybersecurity incident where secrets were stolen from a source code repository. Hard-coded secrets or secrets that aren’t properly rotated or revoked can become vulnerabilities that cyberattackers can exploit to gain access to an organization’s critical systems and resources…

The Cyber Hut Comment: A consequence of having a cloud-first strategy for both infrastructure management and applications deployment, is how to handle secrets. Secrets for APIs, microservices and any non-person related identity. Where do they get stored (at run time and at rest), how are they generated, issued, revoked and management?

Keep reading with a 7-day free trial

Subscribe to IAM Radar - Identity & Access Management Industry Tracker to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
© 2025 The Cyber Hut
Privacy ∙ Terms ∙ Collection notice
Start writingGet the app
Substack is the home for great culture

Share

Copy link
Facebook
Email
Notes
More