
By Thomas Segura
The IT world relies on digital authentication credentials, such as API keys, certificates, and tokens, to securely connect applications, services, and infrastructures.
Related: The coming of agile cryptography
These secrets work similarly to passwords, allowing systems to interact with one another. However, unlike passwords intended for a single user, secrets must be distributed.
For most security leaders today, this is a real challenge. While there are secret management and distribution solutions for the development cycle, these are no silver bullets.
Managing this sensitive information while avoiding pitfalls has become extremely difficult due to the growing number of services in recent years. According to BetterCloud, the average number of software as a service (SaaS) applications used by organizations worldwide has increased 14x between 2015 and 2021. The way applications are built also evolved considerably and makes much more use of external functional blocks, for which secrets are the glue.