Thursday, July 8, 2021 at 12:00:00 PM Online event

Fixing Hardcoded Secrets the Developer-Friendly Way

MAKE SURE TO RSVP HERE AND NOT JUST ON MEETUP (IF YOU CAN'T MAKE IT BUT WOULD LIKE THE RECORDING, IT WILL BE SENT TO ALL REGISTRANTS): https://cycode.com/fix-hardcoded-secrets

Thur, July 8th, 2021
10:00 AM - 11:00 AM PST

The practice of hard-coding secrets like passwords, tokens, and API keys is skyrocketing as applications increasingly leverage dependencies that require integration and Infrastructure-as-Code that must authenticate services. Yet, hardcoded secrets have been at the heart of numerous security incidents because they expose access to valuable resources and enable attackers to rapidly "peel the onion." Furthermore, secrets undermine the segregation of duties within organizations, which is key to many compliance standards such as SOC 2 Type II, ISO 207001, PCI, and more.

Yet, we must remember that developers have reasons to hardcode secrets. Not only is hard-coding secrets an efficient way to authenticate but most developers lack alternatives. The question we must ask is how do we balance security with developer efficiency?

This webinar will cover:

1. Introduction to hardcoded secrets (History, risks & breaches)
2. Detecting secrets (What to look for and where)
3. Developer-Friendly operationalization

Click here for event

View in KCUG Phone App