Dwayne McDaniel, developer advocate at GitGuardian.com, joins host Priyanka Raghavan to talk about the engineering challenges of secrets management. They explore what “secrets” really are in modern systems—far beyond passwords—including API keys, tokens, certificates, and machine identities, and how “secret sprawl” emerges across the SDLC. Drawing on reports from GitGuardian and Verizon, they discuss the growing scale of secret leaks and why credential abuse and phishing remain dominant attack vectors.
They examine common leak points—from code repos and logs to CI/CD pipelines, containers, and SaaS integrations—and how cloud, DevOps, and AI tooling are amplifying risks. Priyanka quizzes Dwayne about recent supply chain attacks in the PyPI and Trivy ecosystems, highlighting recurring root causes like poor access control, long-lived credentials, and weak security hygiene. Finally, they consider detection, response, and modern solutions—short-lived credentials, secret scanning, and identity-based approaches like OWASP NHIR and SPIFFE/SPIRE—ending with practical advice for engineers to reduce blast radius and design for secure secret lifecycle management.
Brought to you by IEEE Computer Society and IEEE Software magazine.
Show Notes
Related Episodes
- SE Radio 578: Ori Mankali on Secrets Management using Distributed Fragments Cryptography
- SE Radio 311: Armon Dadgar on Secrets Management
- SE Radio 680: Luke Hinds on Privacy and Security of AI Coding Assistants
- SE Radio 658: Tanya Janca on Secure Coding
Other References
- Dwayne McDaniel
- Secrets Security End-To-End – /dev/mtl
- https://www.gitguardian.com/information/the-state-of-secrets-sprawl-report-2025
- YouTube: Dwayne McDaniel – Fixing Secrets Sprawl Takes More Than Sec.: Why Machine Id. Is Everybody’s Problem
- Real-Life Examples of Non-Human Identity Security Breaches and What to Do About Them (Updated Regularly)
- OWASP Non-Human Identities Top 10 – 2025 – OWASP Non-Human Identities Top 10
- How GitGuardian Enables Rapid Response to the LiteLLM Supply Chain Attack
- The Team PCP Snowball Effect: A Quantitative Analysis