ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "Managing Secrets - Vlad Matsiiako - ASW #327"
Episode Synopsis
Secrets end up everywhere, from dev systems to CI/CD pipelines to services, certificates, and cloud environments. Vlad Matsiiako shares some of the tactics that make managing secrets more secure as we discuss the distinctions between secure architectures, good policies, and developer friendly tools. We've thankfully moved on from forced 90-day user password rotations, but that doesn't mean there isn't a place for rotating secrets. It means that the tooling and processes for ephemeral secrets should be based on secure, efficient mechanisms rather than putting all the burden on users. And it also means that managing secrets shouldn't become an unmanaged risk with new attack surfaces or new points of failure. Segment Resources: https://infisical.com/blog/solving-secret-zero-problem https://infisical.com/blog/gitops-secrets-management Show Notes: https://securityweekly.com/asw-327
More episodes of the podcast Security Weekly Podcast Network (Video)
Automating Compliance and Risk with Agentic AI as CISOs (R)Evolve - Trevor Horwitz - BSW #417
15/10/2025
Bikers, Apple, Storm-657, Astaroth, EES, Salesforce, Aaran Leyland, and more... - SWN #520
14/10/2025
New book from Dr. Anand Singh, why CISOs buy, and the latest news - Anand Singh - ESW #428
13/10/2025
Ballistic Hot Dogs, Clayrat, Twonet, Lockbit, Resumes, Discord, Aaran Leyland and... - SWN #519
10/10/2025
IoT Hacks Galore - Kieran Human - PSW #895
09/10/2025
Forrester's Global Cybersecurity Market Forecast Before AI Fully Kicks In - Merritt Maxim - BSW #416
08/10/2025
In God we trust