Be nice, help the person who hacks your servers to get your data

Srdjan Vranac

Saturday 25 January 2020 from 14:50 to 15:50

Talk in English - UK at PHPBenelux Conference 2020
Track Name: Permeke (B)
Short URL: https://joind.in/talk/6eebd (QR-Code (opens in new window))

Avg. Rating

We keep our credentials and secrets in .env files, env variables, and config files. We share that data often in an insecure way. We rarely think about if we are making it easy for someone to access our data. Do you understand what happens after the breach?

This talk looks into the business repercussions of weak secrets management; we go over the typical patterns of use and why they might be harmful. We shall also look at ways to improve this situation and decrease the fallout in case the worst happens.

Comments

Comments are closed.

Van Belle Jonathan (Grummfy) at 16:10 on 25 Jan 2020 (via Web2 LIVE)

Intresting. Nice feedback

Murielle Evers at 16:41 on 25 Jan 2020 (via Web2 LIVE)

Now l'm afraid and still not entirely sure how to make things better.

Siebe Vanden Eynden at 12:11 on 26 Jan 2020 (via Web2 LIVE)

A good refresher but in my opinion it lacked a real code example. I would love to see how you implemented vault to store your secrets.