Secrets rotation lifecycle: From creation to revocation
Secret rotation fails when it's treated as a scheduled task rather than a lifecycle. This guide covers all seven stages — from creation and ownership to safe rotation, emergency revocation, and audit…
Read the full articleYou might also wanna read
Automate RDS Credential Rotation with AWS Secrets Manager for .NET - Zero Downtime Security
Learn how to automatically rotate your RDS database credentials using AWS Secrets Manager and consume them in your ASP.NET Core applications
The Remediation Cycle No Security Team Wants to Be Running
Most cloud security tools have a detection problem. They find misconfigurations well enough. The issue is what happens after — a ticket gets
The Dangers of Spin-Loops in Programming: Why Developers Should Trust OS Scheduling
Embark on a journey about why you should sometimes trust your OS more than yourself.
Analysis of ATProto Key Management Issues and Account Recovery Problems
Note: this post has been revised to be split into two sections: a description of what happened, and my analysis. I hope to make it clear tha
Inside a CVE dispute: How the curl project handles vulnerability assignments as a CNA
A few years years ago the curl project signed up and became a CNA. This means that we are masters of and can allocate our own CVE identifier
daniel.haxx.se·13d agoManaging your secrets in Git 🗝
We have always been told not to store secrets in Git. But what if I told you that we manage all our secrets in Git?

Comments
Sign in to join the conversation.
No comments yet. Be the first.