Are Your Secrets Truly Secret?

Share:

Oded Hareven gave a compelling presentation about the future of secrets management at our 2023 Security Summit.


What is Akeyless?


So, what’s Akeyless all about? Oded gave us the lowdown: Akeyless is a company dedicated to secrets management, which is all about keeping digital keys, passwords, and other sensitive info secure. They have some impressive clients—10% of them are Fortune 500 companies! Akeyless has proven to be the disruptor and innovator in the secrets management space, where Hashicorp, who was the leader in this space, ceased innovating.


The Secrets Management Challenge: Secrets Sprawl


Oded outlined the number one growing problem in secrets management – Secrets Sprawl. With the rise of cloud computing and DevOps, we now have more machines than people in many tech environments. These machines need to securely store and manage a ton of sensitive data—API keys, passwords, encryption keys, you name it. These secrets are scattered across various platforms and apps, making them hard to manage and secure. This issue can lead to breaches, like the notorious Uber Hack, where poorly managed API keys gave threat actors a free pass into Uber’s systems.


How Secrets Management Works


Oded explained that a secrets management system securely stores credentials and manages API keys, ensuring they’re only accessible when needed. He highlighted dynamic secrets, which are created and deleted on the fly, making everything more secure and easier to audit.


The Evolution of Secrets Management


The Early Days: Secrets were stored directly in configuration files — extremely risky and cumbersome.


Self-Managed Vaults: Then came self-managed vaults, which were better but still required a lot of resources and effort.


Modern Solutions: Now, we have cloud-based, self-service solutions like Akeyless, which are much more efficient and scalable.


Akeyless’ Unique Approach


Akeyless uses Distributed Fragment Cryptography (DFC). This tech encrypts data using fragments of keys, making it super secure—even against government-level threats. Plus, Akeyless can cut costs by up to 70% compared to traditional methods, which is a big deal.


Final Thoughts


Oded Hareven’s presentation was a great overview of the challenges and solutions in secrets management. His insights into Akeyless’ innovative approach showed just how crucial it is to secure machine-to-machine interactions in our tech-driven world.

Related Posts

hacker using keyboard
Who’s holding you hostage: Cybersecurity companies or hackers?

It’s a serious headline. Although most CISOs, CIOs, and CTOs teams have the...

Onions have Layers, Ogres have Layers: Anti-Ransomware Strategy

Are you ready for a ransomware attack? Globally, so far in 2024, there...