Secrets Management
Secrets management is the practice of securely storing, distributing, rotating, and auditing sensitive credentials — such as API keys, passwords, and certificates — so they are never hard-coded or exposed in plain text.
10 resources across 2 libraries
Glossary Terms(5)
Data Loss Prevention (DLP)
Data Loss Prevention (DLP) refers to tools and practices designed to detect and prevent sensitive data from being leaked, exfiltrated, or shared outside of an…
Encryption at Rest
Encryption at rest is the practice of encrypting stored data — on disks, in databases, or in cloud storage — so that it remains unreadable to anyone without th…
Security Token Service
A Security Token Service (STS) is a web service that issues, validates, and exchanges security tokens — such as temporary credentials or identity assertions —…
Privileged Access Management (PAM)
Privileged Access Management (PAM) is a set of security practices and tools focused specifically on controlling, monitoring, and securing accounts with elevate…
Secrets Management
Secrets management is the practice of securely storing, distributing, rotating, and auditing sensitive credentials — such as API keys, passwords, and certifica…
Interview Questions(5)
What Are Connection String Security Best Practices?
Connection string security means never embedding raw credentials in source code or config files checked into version control, instead injecting host, username,…
How Do You Manage Secrets in a DevOps Pipeline?
Secrets management means storing credentials, API keys, and certificates in a dedicated secrets store with encryption, access control, and audit logging, then…
What is HashiCorp Vault and How Does It Work?
HashiCorp Vault is a centralized secrets-management system that securely stores, dynamically generates, and tightly controls access to credentials, encryption…
What Are the Key Principles of Container Security?
Container security means hardening every layer of the container lifecycle — the base image, the build process, the runtime configuration, and the host kernel —…
How Do You Manage TLS Certificates in a DevOps Pipeline?
Certificate management in DevOps means treating TLS certificates as versioned, automatically issued, rotated, and monitored infrastructure rather than manually…