4 Securing Your Secrets

A secret is anything that can harm you and/or your customers if it falls into the wrong hands, if exposed. When developers or security experts talk about secrets, they’re discussing API keys, access tokens and codes, cryptographic certificates and salts, passwords (and sometimes the usernames that go with them), and more.

In modern software, secrets have a special role—they ensure secure communications and control access to resources. This is particularly important due to the growth of microservice architectures. Now, many pieces need to “talk” to each other to create one apparent whole and they need to do so securely.

This chapter will discuss the following topics:

How secrets get used in the development process
How ...

Get Crafting Secure Software now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Crafting Secure Software by Greg Bulmash, Thomas Segura

4

Securing Your Secrets

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly