Secrets management talks about the ways and methods of managing application secrets securely all through their lifecycle including storage, transit and use. This has been a tricky area for organisations to solve and has led to some significant breaches lately.
In this episode we discover some challenging scenarios when we try to implement secrets management across an organisation and discuss methods to deal with them.
Guest Intro: Ankit Khasgiwale
LinkedIn: @ankit
Ankit is Director of Product Security at Unacademy. He has over 16 years of experience in penetration testing, threat modelling, code reviews, DevSecOps and cloud security. At Unacademy, Ankit started the Product Security vertical from ground up which included setting up processes, team and automation to secure applications and infrastructure, remove secrets from source code, dependency issues etc.
Ankit has earlier worked at Microsoft India as Senior Program Manager and executed enterprise wide programs like Secrets management, rethinking Secure SDLC in Agile and setting up DevSecOps program. Additionally, Ankit has development experience in various technologies like Java, .Net, python and loves automating everything. In his free time he loves experimenting with wireless and RF hacking with SDRs and other types of hardware hacking.
Resources: Recommended reading/viewing for listeners
I would love to hear your suggestions and feedbacks, please DM me. If you liked this episode, please share with others in the community. It always means a lot!
If you’re interested in a security challenge that you’re facing or would like to hear from a specific speaker/team, let me know. Buzz me on Twitter or LinkedIn; checkout my handles below: