Software Engineering Radio - the podcast for professional software developers

SE Radio 578: Ori Mankali on Secrets Management using Distributed Fragments Cryptography

Aug 22, 2023

42:41

Snipd AI

Ori Mankali, senior VP of engineering at Akeyless, talks about secrets management and distributed fragment cryptography. They discuss the challenges of managing secrets at scale and the need for access policies and audit capabilities. They explain the concept of distributed fragment cryptography and its role in boosting security. The podcast also covers the downsides of relying on clients, cryptography standards, integrating Ikylas with major cloud providers, and the challenges of secrets management in Kubernetes and CICD platforms.

AI Summary

Highlights

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Secrets management involves securely storing, accessing, and managing sensitive information for authentication in applications.

Distributed Fragment Cryptography (DFC) divides encryption keys into fragments distributed across multiple locations, enhancing security and scalability in secrets management.

Deep dives

Overview of Secrets Management

Secrets, in the context of applications, refer to sensitive information used for authentication. This includes credentials needed for an application to identify itself and gain access to remote services. Previously, sensitive information like passwords and keys were stored in insecure places like configuration files or within the code itself. However, this practice is risky and insecure. Secrets management is the process of securely storing, accessing, and managing these sensitive information. It involves protecting secrets through encryption, implementing access policies, integrating with identity providers, maintaining audit logs, and providing auditing capabilities for security officers. The goal is to ensure that sensitive information is always secure and properly managed throughout its lifecycle.

Resilient Fragment Replication in Distributed File Cryptography

01:03

Optimizing Gateway Deployment in Cloud Architecture

01:21

Just in Time Access for Enhanced Security

01:22

Introduction

2min

The Importance of Secrets Management

19min

Downsides of Relying on Clients and the Solution of Achilles Gateway

2min

Cryptography Standards, DHC Certifications, and Adopting DFC

4min

Integration of Ikylas with Major Cloud Providers and Setting Up the Ikylas Gateway

4min

Secrets Management using Distributed Fragments Cryptography (DFC)

9min

Challenges and Benefits of Secrets Management in Kubernetes and CICD Platforms

3min

In this episode, Ori Mankali, senior VP of engineering at cloud security startup Akeyless, speaks with SE Radio’s Nikhil Krishna about secrets management and the innovative use of distributed fragment cryptography (DFC). In the context of enterprise IT, 'secrets’ are crucial for authentication in providing access to internal applications and services. Ori describes the unique challenges of managing these sensitive data, particularly given the complexities of doing so on a large scale in substantial organizations. They discuss the necessity for a secure system for managing secrets, highlighting key features such as access policies, audit capabilities, and visualization tools. Ori introduces the concept of distributed fragment cryptography, which boosts security by ensuring that the entire secret is never known to any single entity. The episode explores encryption and decryption and the importance of key rotation, as they consider the challenges and potential solutions in secrets management.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export