• Creator
  • #4051679

    How are secrets (keys, certs) managed and monitored

    by SecurityDreamer ·

    Can some experts chime in on how they manage secrets (kets, certs, etc) in large organizations? I would like to understand if infosec has centralized visibility into all the secrets and the ability to define and enforce expiration/rotation policy. Does infosec have any run-time usage analytics to identify over-provisioned, misused or orphaned secrets.?

    Internet link removed by moderator

    • This topic was modified 1 year, 1 month ago by Avatar photobirdmantd.
    • This topic was modified 1 year, 1 month ago by Avatar photokees_b.

You are posting a reply to: How are secrets (keys, certs) managed and monitored

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our Community FAQs for details. All submitted content is subject to our Terms of Use.

All Answers

  • Author
    • #4051742
      Avatar photo

      Yes. But let’s use an AI here as it wrote it well.

      by rproffitt ·

      In reply to How are secrets (keys, certs) managed and monitored

      “Yes, there are several runtime usage analytics tools available in the field of information security (InfoSec) that can help identify over-provisioned, misused, or orphaned secrets. These tools generally fall under the category of “secret management solutions” and can provide various features to monitor and manage secrets across an organization’s systems and applications.

      For example, some secret management solutions offer runtime analytics that can help identify secrets that have not been used in a certain period, as well as usage patterns and trends for secrets that are actively being used. This can help organizations identify secrets that are no longer necessary and can be safely deleted or rotated.

      Similarly, some solutions also offer access control features that can help ensure that only authorized users and applications have access to secrets. This can help prevent misused or over-provisioned secrets and reduce the risk of data breaches and other security incidents.

      Overall, secret management solutions can be a valuable tool for organizations looking to improve their InfoSec posture and ensure that their secrets are being used effectively and securely.”

Viewing 0 reply threads