Overview
Explore the integration of security into DevOps processes through this conference talk on Secure CI/CD using JSON Web Token (JWT). Dive into the challenges of managing sensitive information in DevSecOps environments and learn how JWT can serve as a bridge for secure data exchange. Discover how GitLab leverages JWT tokens to access various secret management solutions, including those from major cloud providers. Gain insights into best practices for retrieving sensitive data and enhancing DevSecOps security processes within your organization. Understand the risks associated with insecure storage of sensitive information and how JWT, as an open standard, can mitigate these risks. Learn to address the complexities of choosing and integrating secret management solutions into your DevOps workflow.
Syllabus
Secure CI/CD Using JSON Web Token (JWT) - Dov Hershkovitch, GitLab
Taught by
CNCF [Cloud Native Computing Foundation]