InfoSecBulletin Cybersecurity for mankind
Cloudflare on Thursday announced Secrets Store, a new solution designed to help developers and organizations securely store and manage secrets across the Cloudflare platform.
Any variable that needs to be stored securely and accessed by authorized users only is considered a secret, including credentials, cryptographic keys, tokens, and more.
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed
ALERT
Thousands of IP addresses compromised nationwide: CIRT warn
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks
Critical RCE Flaw Patched in Roundcube Webmail
Hacker claim Leak of Deloitte Source Code & GitHub Credentials
CISA Issued Guidance for SIEM and SOAR Implementation
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora
Australia enacts mandatory ransomware payment reporting
Why Govt Demands Foreign CCTV Firms to Submit Source Code?
Failure to store secrets securely when building an application can lead to a data breach or the application’s compromise, and ensuring good secret management becomes essential.
The use of a secrets manager can streamline the development process, as it ensures the security of sensitive information and helps meet security best practices, while providing ease of use to allow developers to build efficiently.
With sensitive data residing across machines, in the cloud, or on local infrastructure, the new Secrets Store aims to make it easier for its customers to manage these secrets across Cloudflare’s services.
Currently in beta, the management solution will allow administrators to set specific rules on who can view, create, modify, or delete secrets, as well as to access audit logs for every secret-related event, to track the access and use of their sensitive information.
The web security company will also allow customers to rotate encryption keys on-demand or at the pace they consider fit for their security posture.
