Demo Summary
Manpreet Singh shows how Thales CipherTrust Manager helps teams find and fix hidden passwords and keys that apps use to talk to each other. First, he scans an application server and creates a report on any static secrets. Then, he removes those secrets and sets up AWS IAM so the app gets short-lived, dynamic keys from CipherTrust Manager to access an S3 bucket. He rescans to prove no secrets remain. The video shows how to see, secure, and manage all your secrets.
AI-Detected Features
IntroductionPresenter Manpreet Singh introduces the topic: what secrets are, challenges in managing them, and a demonstration of a secret management tool.
00:13
Defining SecretsOverview of secrets as access credentials, including human-to-machine examples like passwords, MFA and biometrics, and unlocking devices with face recognition.
00:25
Machine-to-Machine SecretsFocus on machine-to-machine secrets in modern applications: API keys, static credentials, dynamic secrets, SSH keys and tokens used for microservices and CI/CD pipelines.
01:11
Challenges of Secret ManagementDiscussion of secret sprawl, lack of inventory (62% of organizations unaware of their secrets), risk of breaches from exposed credentials in code or repositories.
02:18
Secret Management ApproachIntroduction to secret management solution: first discover existing secrets, then centrally manage their lifecycle using a vault to ensure visibility and control.
03:15
Setting Up Secret DiscoveryDemonstration problem statement: application using static AWS credentials to access S3. Security team lacks visibility and wants to discover and remediate these secrets.
03:43
Configuring and Running Secret ScanStep-by-step in Cipher Trust Manager: add application server as datastore, select classification profile for secrets, configure scan and execute discovery across the server.
10:03
Reviewing Discovery ResultsGenerate and view report: discovery engine found an AWS key ID in a credentials file; locate file path, open it and confirm static credentials in use.
14:02
Planning Secret RemediationSecurity team’s remediation goals: remove static credentials, adopt short-lived dynamic credentials and implement zero-secret approach in application code.
16:04
Configuring Secret Management ToolIn Cipher Trust Manager: configure AWS as secret target, set up IAM role authentication for zero-secret access, and create a dynamic AWS S3 secret definition.
19:02
Thales
Thales is a global leader in cybersecurity, providing comprehensive solutions to protect data, identities, and critical infrastructures against evolving cyber threats. Learn more about ThalesMore Demos (1)
Interactive Demos (0)
Useful Links & Resources
Related companies