Enterprise Security Weekly (Audio)

Secrets and their role in infrastructure security - Jawahar Sivasankaran, Chas Clawson, Sergey Gorbaty, Fernando Medrano - ESW #406

7 snips
May 12, 2025
Join Sergey Gorbaty, a Senior Principal Security Architect at Fastly, Chas Clawson, Field CTO at Sumo Logic, and Jawahar Sivasankaran, President of Cyware, as they tackle the critical role secrets play in infrastructure security. They discuss the risks of poor secret management and the importance of integrating it into system design. Chas explains how SOC teams can enhance detection and response, while Jawahar shares insights on a threat-centric approach that transforms security operations. Also, they delve into AI's impact on cybersecurity and the evolving strategies for integrating intelligence.
Ask episode
AI Snips
Chapters
Books
Transcript
Episode notes
INSIGHT

Secrets Scale with Microservices

  • The explosion of microservices has greatly increased the number of secrets needing management.
  • Modern secret management must scale to handle vastly more tokens than traditional monoliths.
ADVICE

Use Least Privilege and Short Lifetimes

  • Apply least privilege and short lifetimes to credentials to reduce damage exposure.
  • Use workload identity tokens for visibility and improved security over static tokens.
ADVICE

Train and Share AI Knowledge

  • Train users on AI, including prompt engineering and hallucination risks.
  • Create shared channels for knowledge exchange to boost AI proficiency and security awareness.
Get the Snipd Podcast app to discover more snips from this episode
Get the app