Source: devops.com
Safeguarding Secrets Within the PipelineCategory: Software, Security, Data, Microsoft, Kubernetes, Docker, firewall, encryption
By Dor Atias on September 15, 2020Leave a CommentHow can an organization write source code to use secrets without directly referencing them and risking them being leaked to the public?
In fact, just recently, Intel became the latest victim after 20GB worth of internal documents were leaked and uploaded to a public sharing site.
In this blog, we’ll show you an overview of how you can utilize your continuous integration and delivery tools to inject secrets into your code at build/runtime without actually including them in the code itself, thus placing a veil between your code and your secrets. One method for publishing source code reliant on secrets without actually including the secrets in the code is to use placeholders within the source code which, at build time, are replaced with the actual values needed.
It is with that in mind that we advise adding another layer of security by automatically monitoring your source code repositories for secrets.
In fact, just recently, Intel became the latest victim after 20GB worth of internal documents were leaked and uploaded to a public sharing site.
In this blog, we’ll show you an overview of how you can utilize your continuous integration and delivery tools to inject secrets into your code at build/runtime without actually including them in the code itself, thus placing a veil between your code and your secrets. One method for publishing source code reliant on secrets without actually including the secrets in the code is to use placeholders within the source code which, at build time, are replaced with the actual values needed.
It is with that in mind that we advise adding another layer of security by automatically monitoring your source code repositories for secrets.
Related Articles
Community Partners
DevOps Careers