Can some experts chime in on how they manage secrets (kets, certs, etc) in large organizations? I would like to understand if infosec has centralized visibility into all the secrets and the ability to define and enforce expiration/rotation policy. Does infosec have any run-time usage analytics to identify over-provisioned, misused or orphaned secrets.?
Internet link removed by moderator
