Protect your sensitive information with end-to-end encryption and enjoy the benefits of a centralized, secure #secretsmanagement solution. Get started today: https://bitwarden.com/products/secrets-manager/

#cybersecurity #security #datasecurity #secretsmanager

I’ve released more GitHub :github: Secret 🔑 Scanning 🔎 custom patterns, which you can use if you have Advanced Security.

Some are 🔥 (if I say so myself), some are for auditing only - e.g. my “common passwords” pattern, written to spot some of the most commonly leaked weak passwords - “P@55word123!” and the like.

We’ve got DataDog, Sentry, .Net configs, MS SQLServer user creation, and Bearer tokens.

https://lnkd.in/eqRG_FRa

#GitHub #SecretScanning #AppSec #SDLC #SecretsManagement #regex

Just published: Some quick competitive analysis about @hashicorp 's acquisition of #blubracket.

Upshot: potentially sets the stage for increased competition between #HashiCorp #Vault and #Microsoft Defender, #GitHub and existing #SAST / #containersecurity tools.

#DevSecOps #secretsscanning #secretsmanagement #cybersecurity #appsec #applicationsecurity #cloud
https://www.techtarget.com/searchitoperations/news/366542881/HashiCorp-Vault-to-expand-in-DevSecOps-with-BluBracket-buy

Today's news: @hashicorp #Vault 's appeal to a broader field of users gets a boost from a new entry-level #SaaS service, while a new #Boundary Enterprise targets the high end of the market. #accesscontrols #remoteaccess #cloudsecurity #secretsmanagement #kubernetes #cloudnativesecurity https://www.techtarget.com/searchitoperations/news/366541914/HashiCorp-Vault-trims-SaaS-Boundary-hooks-up-Enterprise

A #secretsmanagement solution is essential for security-conscious dev teams. Learn how to secure your credentials and other sensitive data with this critical tool: https://bitwarden.com/blog/why-does-my-development-team-need-a-secrets-manager/

Anyone using Keeper Secrets Manager? I love Keeper as a password manager that I use personally and used for work, and their new Secrets Manager looks impressive. Wondering if anyone here has used it and how your experience with it has been.

#keepersecurity #keeper #SecretsManagement

Interested in Secrets Management in Kubernetes? Check out this recent webinar that illustrates the various approaches that can be utilized when handling sensitive resources #security #SecretsManagement #tools #architecture #Kubernetes #OpenShift https://tracks.redhat.com/l/cy_21_q3_na_cn_devel?sc_cid=7013a000002pdeHAAQ&utm_source=certain

#KongKonnect has had some major 💥 updates, including complete control of sensitive data 🔒 in Konnect's secure-by-design #SecretsManagement.

🎉 We're thrilled to announce new enhancements to analytics, secrets management, and much more: http://ow.ly/AmN450MnT2L

#api #security

...in which @sml555_@twitter.com and I unpack the CircleCI incident notification and its implications, discuss CI/CD vuln research, and shoutout *hard* to @ThinkstCanary@twitter.com and @sanitybit@twitter.com https://bit.ly/3VRR7IO

#supplychainsecurity #devsecops #circleci #securityflash #secretsmanagement

Sicherheitsvorfall: CircleCI-Nutzer müssen jetzt Passwörter ändern

Nach einem Sicherheitsvorfall appelliert CircleCI an Developer und Kunden, Passwörter, Schlüssel und andere geheime Daten auf der CI-Plattform zu aktualisieren.

https://www.heise.de/news/Sicherheitsvorfall-CircleCI-Nutzer-muessen-jetzt-Passwoerter-aendern-7450984.html?wt_mc=sm.red.ho.mastodon.mastodon.-.-

#Anmeldedaten #CircleCI #ContinuousIntegration #Passwörter #Schlüssel #SecretsManagement #Security #Token

Amazon RDS now supports integration with AWS Secrets Manager to streamline how you manage your master user password for your RDS database instances. :apartyblobcat:​ 🙌

[...]

RDS integration with AWS Secrets Manager improves your database security by ensuring your RDS master user password is not visible in plaintext to administrators or engineers during your database creation workflow.

#aws #cloud #cybersecurity #secretsmanagement

https://aws.amazon.com/about-aws/whats-new/2022/12/amazon-rds-integration-aws-secrets-manager/

This is a long read but a thorough overview of what they are calling a " first-of-its-kind supply-chain attack vector impacting a cloud provider’s infrastructure."

#SupplyChain #SBOM #SecretsManagement

https://www.wiz.io/blog/hells-keychain-supply-chain-attack-in-ibm-cloud-databases-for-postgresql

This is a long read but a thorough overview of what they are calling a " first-of-its-kind supply-chain attack vector impacting a cloud provider’s infrastructure."

#SupplyChain #SBOM #SecretsManagement

https://www.wiz.io/blog/hells-keychain-supply-chain-attack-in-ibm-cloud-databases-for-postgresql

Automatic password rotation was a cool idea when it came out, and I love the thought that went into the process with AWS Secrets Manager.

Is anybody actually using automatic secret rotation now?

"AWS Secrets Manager now supports rotation of secrets as often as every four hours"
https://aws.amazon.com/about-aws/whats-new/2022/11/aws-secrets-manager-rotation-secrets-as-often-as-four-hours/

#aws #SecretsManagement