A DevSecOps Maturity Model for Secrets Management

The webinar took place on Thursday, October 06, 2022
Webinar Presentation Paul Fisher
Webinar Presentation Mackenzie Jackson

Watch the Recording

Join this Webinar to:

  • Learn about the challenges of managing secrets in DevOps.
  • Understand that secrets management is about education, tooling, and process.
  • Find out how each organization can devise its own secrets management program.
  • Discover the benefits of automated secrets detection and remediation.
  • Get an overview of GitGuardian’s secrets detection and remediation platform.

A Maturity Model for Managing Secrets

Recent high-profile software supply chain attacks have highlighted the importance of security in the DevOps environment. But this can be challenging because DevOps teams are at the forefront of digital transformation and use agile techniques to deliver applications quickly, often not following traditional paths of identity management.

Join experts from KuppingerCole Analysts and GitGuardian as they discuss security vulnerabilities in DevOps environments, which are often due to a lack of visibility and control of widely distributed secrets such as API keys, database passwords, cloud access keys, certificates, SSH keys, and service account passwords, leaving millions of credentials exposed.

Speakers Contribution

Paul Fisher, Lead Analyst at KuppingerCole will discuss the challenges and importance of managing secrets in DevOps environments, which increasingly include the use of multi-cloud, workload containerization, and infrastructure-as-code. He will also explain how the business advantages and security of DevOps can be improved.

Mackenzie Jackson, Developer Advocate at GitGuardian will explain the issues of secrets sprawl and poor secrets hygiene. He will also discuss in detail a secrets management maturity model developed by GitGuardian, highlight the benefits of automated secrets detection and remediation, and describe how these can be used to infuse security into development workflows.

Paul Fisher is a Lead Analyst who researches primarily on cybersecurity and identity and access management (IAM). He also studies trends in AI, IoT and data governance for different industry sectors including automotive. Paul is responsible for managing relevant quantitative research at...

Lead Sponsor

Media Partner


Join this combined presentation to gain quick insights and hands-on solutions from a KuppingerCole analyst and selected industry expert, finishing with by a comprehensive Q&A for your individual business challenges.

To register for the webinar, you need to log in to your KuppingerCole User first. If you do not have a KuppingerCole User yet, you can sign up here. After logging in, please enter your requested personal data which is necessary for the further administration of your registration. Once registered, a booking confirmation will be sent to your indicated email address.

Our webinars last approximately 50-60 minutes.

If you didn’t receive the booking confirmation in your inbox, please check your spam folder. If you cannot find the booking confirmation in your spam folder, please contact us. We will get back to you within one business day.

We use the "GoToWebinar" software for the webinars. Simply click on "Join the webinar" in the registration confirmation. GoToWebinar will check directly on your computer if the software is already installed. If not, the installation process will start automatically, and you only need to confirm it.

To participate, you need a computer or a laptop with Internet access. If you want to use the sound transmission via the computer, you will need headphones (headset) or speakers. You do not need a webcam or microphone. A combination of computer and telephone is also possible - you then follow the webinar via your Internet connection on the computer and dial in at the same time via telephone to listen to the moderator's explanations. You can type in questions in the chat window. In the registration confirmation you will also receive a link that allows you to test the technical requirements in advance.

Our webinars are generally free of charge.

The recordings and presentation slides will be available on the website shortly after the webinar. An email will be sent to all registered users. In order to access the materials, you will need to log in to your KuppingerCole User first.

Yes, the recordings and presentation slides are made available to all users that registered for the webinar, regardless if they attended live or were tied up with business. You do not need to deregister.

In some companies there are - mostly due to restrictive IT policies - problems with the installation. We regret this, of course, but cannot provide support in these cases. But no problem: You will receive the recording after the webinar, which you can watch in a normal web browser.