More applications, more deploys, more engineers: this is the environment organizations find themselves in ranging from startups to large enterprises. A common challenge is adhering to security best practices during periods of growth without introducing bottlenecks. Secure storage and distribution of secrets is only a small part of the challenge, as operators and security teams must reason about key rolling, auditing, and incident management during a compromise. Beyond the basic storage of passwords, secrets also include certificates, keys, and sensitive user data (PII).
In this talk, Mitchell presents the challenges of scaling with security and best practices to do so without compromising developer speed.