International PHP Conference |
May 25 – 29, 2020 in Berlin

Secrets Management: How to (not) help the person who hacks your servers get your data

Session
This talk originates from the archive. To the CURRENT program
Until February 6: ✓ Workshop Day for free ✓ Group discount ✓ Save up to € 700 Register now

More talks in the program:

Infos
Tuesday, October 22 2019
11:45 - 12:45

Where do you store your credentials and secrets? In .env files or in environment variables, or even worse, in config files? Are your primary AWS keys shared amongst developers? Do you still have SSH keys from former employees on your servers?

If your answer is "yes" to one or more of these questions you probably haven’t heard the term "secrets management". In this talk, we will look into managing secrets in development and operations and expose the problems related to them. I will give you an overview of the current state of techniques to mitigate these problems and we’ll take a brief look at how an open source tool like Hashicorp Vault can provide a solution to managing secrets in the years to come.

Stay tuned!

Behind the Tracks of IPC

PHP Core Technology
Best Practices & Application

General Web Development
General Web Development & more

Agile & Company Culture
Agility has become mainstream

Software Architecture
Concepts & Environments

Security
All about Web Security

Testing & Test Driven Development
An overview of the most important topics

DevOps & Continuous Delivery
DevOps is a philosophy

Docker, Kubernetes, Cloud
An overview of the most important topics

#slideless (pure coding)
An overview of the most important topics

PHP Frameworks
An overview of the most important topics

Content Management Systems
An overview of the most important topics