CI/CD Secret Management with Secret Zero - Managing Secure Pipelines
OpenInfra Foundation via YouTube
Overview
Learn about critical challenges and solutions in managing secrets within CI/CD pipelines through this 24-minute conference talk. Explore common security issues including long-lived tokens, costly rotation processes, developer permission management, secret reusability, and granular access control. Discover how organizations can better handle secret management while shifting security left in software development and infrastructure provisioning. Presented by Nguyen Dinh Bao Long and Dang Huu Thang, this talk addresses key problems faced by organizations using GitHub, including token leakage risks, system downtime during rotations, workflow integrity concerns, and limitations of native GitHub secrets sharing.
Syllabus
CI/CD Secret Management with Secret Zero
Taught by
OpenInfra Foundation