Well-designed secrets management is a delicate balancing act between security and usability. Secrets must be easily accessible to the right users when building and deploying, but they must also at the same time be well-secured and easy to rotate. This article will cover how to thread this needle by integrating CircleCI with HashiCorp Vault and retrieving secrets using short-lived OpenID Connect (OIDC) authentication tokens.
Our latest open-source project, Helm-Dashboard, just crossed 3K stars on GitHub (and hundreds of daily active users), only three months since it was released! We thought this milestone was a good chance to take a look back at our journey, announce the release of v. 1.0.0, discuss future plans, and, most importantly, give our utmost thanks to the amazing contributors and Kommunity members that made it all possible! What capabilities would you like to see next in Helm-Dashboard?
Incidents can be a bit noisy. Especially when it’s one of higher severity, there are a lot of moving parts that can make it difficult to come away with the information you want at a glance. And if you’re someone who isn’t necessarily tapped into the day-to-day of incident response, such as a head of a department or executive, you’ll want to be able to glean the most actionable information in just a few seconds without having to dig through dense documents.
Welcome to the DevSecOps and CI/CD security guide. Browse through each section to discover various relevant resources to ensure the security of your applications and infrastructure.
Last month, I introduced a new blog series for 2023 that aims to focus on how we can do a better job of making our New Year resolutions stick. Why do so many resolutions fail? Because we attempt to do too much, too quickly. We place too much pressure on ourselves to change EVERYTHING we don’t like, which can then become overwhelming to manage and keep up with.