Srdjan Vranac - Be nice, help the person who hacks your servers to get your data | #phpsrb
PHP Serbia 2019, Belgrade Where are your credentials and secrets stored? In .env files or in environment variables, or even worse in config files? Are your primary AWS keys shared amongst developers? Do you still have SSH keys from former employees on your servers? If your answer is "Yes" to one or more of these questions you probably haven't heard the term "secrets management" In this talk we will look into managing secrets in development and operations, and expose the problems related to them. I will give you an overview of the current state of techniques to mitigate these problems and we'll take a brief look at how an open source tool like Hashicorp Vault can provide a solution to managing secrets in the years to come. About the PHP Serbia 2019 Conference: https://2019.phpsrbija.rs/ More info about the speaker: https://2019.phpsrbija.rs/speakers/4 Srdjan Vranac on Twitter: @vranac https://twitter.com/vranac PHP Serbia on Twitter: https://twitter.com/PHPSrbija