Secrets management | How to avoid data black holes in the CI/CD universe

Firstly, the rise in secrets management has not reached its peak. But why has this new security component crept into DevOps so stealthily? Furthermore, do we need to bother with it? In answer to this, Ben Riley, Technical Director, has issued this compelling set of Field Notes. To emphasize the importance of secrets management, Ben documents his journey through global organizations. As a result, these illustrative DevSecOps Field Notes are a must-read for anyone wanting to know how to navigate and control secret data. And, most importantly, how improper governance impacts CI/CD pipelines.

To put it another way, DevOps is now the standard for agile projects and deliveries. However, should the importance of secrets management lead us to embrace DevSecOps practices? Although this may be true, it’s easier said than done.  

That’s why these Field Notes document the experience of secrets management over the course of the last six years. For one thing, Ben’s seen first-hand how DevOps is getting more mature. Specifically, it’s now widely adopted in IT enterprises with large application estates. However, with a rapid shift towards cloud native architectures and micro services, agile DevOps are deploying at breakneck speed. As a result, there must be a belt and braces approach to deal with the waves of secret data that’s sweeping through the pipeline.

With that in mind, you’ll want to download the full DevSecOps Field Notes. That way, you can get Ben’s Five Step Process for handling secrets management in a modern CI/CD pipeline. 

Who needs these secrets management Field Notes?

Anyone with an interest in DevOps and the rise of secrets management. In the hope that configuration data becomes a positive element within the application estate. As opposed to a headache. Which it can be. If improperly ordered and validated, it can drain resource, cause blockages and, to be specific, be the cause of vulnerabilities. With this in mind, these field notes give practical advice on proper secrets management in today’s fast-moving environment.

So, if you see your role below, then these field notes are a must-read. 

  • Chief Technical Officer
  • Chief Technical Strategy Officer
  • VP Infrastructure / Environments / Release

What you’ll learn about secrets management​

These Field Notes include the following takeaways and learnings:  

  • Why DevSecOps is more important than ever before
  • Understand the vulnerabilities and how secrets management plays a pivotal role. 
  • The five steps for avoiding data black holes and managing secrets in a controlled way with automated CI/CD. 

About the author

Ben Riley is Technical Director at Sweagle. He helps global customers to  embrace the speed of DevOps changes. Simultaneously, maintaining security and control of their most important technical assets: their configuration data.

Follow Ben on LinkedIn »

Further reading on DevOps

Once you’ve read this White Paper, you might want to look at these resources from the DevOps archives.