跳转到主要内容

热门内容

今日:


总体:


最近浏览:


Chinese, Simplified

https://github.com/Infisical/infisical

Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure and prevent secret leaks.

https://github.com/bitwarden/sdk

Secrets Manager SDK

https://github.com/tellerops/teller

Cloud native secrets management for developers - never leave your command line for secrets.

https://github.com/eth0izzle/shhgit

Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.

https://github.com/bitwarden/server

The core infrastructure backend (API, database, Docker, etc).

https://github.com/square/keywhiz

A system for distributing and managing secrets

https://github.com/sniptt-official/ots

Share end-to-end encrypted secrets with others via a one-time URL

https://github.com/manifoldco/torus-cli

A secure, shared workspace for secrets

https://github.com/deepfence/SecretScanner

Find secrets and passwords in container images and file systems 

https://github.com/GoogleCloudPlatform/berglas

A tool for managing secrets on Google Cloud

https://github.com/dyne/Tomb

the Crypto Undertaker

https://github.com/jkroepke/helm-secrets

A helm plugin that help manage secrets with Git workflow and store them anywhere

https://github.com/freeipa/freeipa

Mirror of FreeIPA, an integrated security information management solution

https://github.com/stakater/Reloader

A Kubernetes controller to watch changes in ConfigMap and Secrets and do rolling upgrades on Pods with their associated Deployment, StatefulSet, DaemonSet and DeploymentConfig – [✩Star] if you're using it!

https://github.com/trufflesecurity/trufflehog

Find and verify credentials

https://github.com/tink-crypto/tink-java

https://github.com/tink-crypto

A multi-language, cross-platform library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse. See also: https://developers.google.com/tink.

The Tink Cryptography Library is split into multiple repositories.

Tink implementation Repository
Tink Java tink-crypto/tink-java
Tink C++ tink-crypto/tink-cc
Tink Go tink-crypto/tink-go
Tink Python tink-crypto/tink-py
Tink Obj-C tink-crypto/tink-objc

We provide a command line interface for key management, named Tinkey

We also provide integrations with various key management systems (KMS) and other systems.

Tink extension Repository
Tink Java AWS KMS extension tink-crypto/tink-java-awskms
Tink Java Google Cloud KMS extension tink-crypto/tink-java-gcpkms
Tink Java apps extension tink-crypto/tink-java-apps
Tink C++ AWS KMS extension tink-crypto/tink-cc-awskms
Tink C++ Google Cloud KMS extension tink-crypto/tink-cc-gcpkms
Tink Go AWS KMS extension tink-crypto/tink-go-awskms
Tink Go Google Cloud KMS extension tink-crypto/tink-go-gcpkms
Tink Go HashiCorp Vault KMS extension tink-crypto/tink-go-hcvault

 

https://github.com/pac4j/pac4j

https://github.com/cryptomator/cryptomator

Multi-platform transparent client-side encryption of your files in the cloud

https://medium.com/@cyberlands.io/best-secrets-management-solution-hash…

Best Secrets Management Solution: Hashicorp vs KeyWhiz

Encrypting Confidential Data at Rest

https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/

https://kubernetes.io/docs/concepts/configuration/secret/

 

https://external-secrets.io/main/introduction/overview/

The External Secrets Operator extends Kubernetes with Custom Resources, which define where secrets live and how to synchronize them. The controller fetches secrets from an external API and creates Kubernetes secrets. If the secret from the external API changes, the controller will reconcile the state in the cluster and update the secrets accordingly.

https://cloud.yandex.com/en/services/lockbox

A service for creating and storing secrets in the Yandex Cloud infrastructure.

Create secrets in the management console or using the API.

https://walkingtree.tech/secrets-management-using-mozilla-sops/

As automation is taking place at a rapid pace, the areas where human intervention is involved are appearing as huge speed breakers. One such task is keeping the secret information with humans and providing necessary approvals as and when needed. This task does not involve a lot of logical thinking but the important aspect is keeping trustworthy information and using it for regular activity.

Keeping the secrets in a file and allowing access to information to a wider set of people will be a serious challenge. One way to solve this problem is to keep the secrets in a file but in an encrypted format and ensure only the target environment can decrypt. This way we can still allow the automation to happen and keep the environments secured.

In this blog, I will be touching upon the basics of securing secrets, introduce you to SOPS, explain to you how SOPS works and its effective use in building cloud-agnostic applications. 

Manage Your Secrets with Mozilla SOPS and GitOps Toolkit (Flux CD v2)

https://medium.com/picus-security-engineering/manage-your-secrets-with-…

 

"Sealed Secrets" for Kubernetes

https://github.com/bitnami-labs/sealed-secrets

Safe storage of Kubernetes Secrets with Mozilla SOPS and IaC

https://softwaremill.com/safe-storage-of-kubernetes-secrets-with-mozill…

 

SOPS (Secrets OPerationS – Kubernetes Operator): Secure your sensitive data, while maintaining ease of use

https://deyan7.de/en/sops-secrets-operations-kubernetes-operator-secure…

Simplify and Secure Your Kubernetes Deployments with Mozilla SOPS

https://systemweakness.com/simplify-and-secure-your-aks-deployments-wit…

 

How to commit encrypted files to Git with Mozilla SOPS

https://blog.thenets.org/how-to-commit-encrypted-files-to-git-with-mozi…

Encrypt your Kubernetes Secrets with Mozilla SOPS

https://www.thorsten-hans.com/encrypt-your-kubernetes-secrets-with-mozi…

 

 

本文地址
最后修改
星期二, 十月 17, 2023 - 09:20
Tags
 
Article