EHFAJ KHAN
Ehfaj Khan is an Expert Application Engineer at Discover, a division of Capital One, N.A. He has strong experience building large-scale, highly available event-oriented architectures and cloud-native application modernizations.
Session
Many developers write and ship code quickly in an agile environment and postpone secret management until later. A developer might hard-code secrets temporarily, intending to remove them before the final version is merged into the main branch and to move to a more secure alternative from which the secrets are retrieved. Regrettably, people make mistakes: those secrets are frequently overlooked, stay hidden in the code, are missed during code review, and ultimately get merged into the main branch. The most obvious place to start scanning for secrets is in code. Securing the code and automating the scan could be the right solution to avoid human error.