#35 Secure development: Keeping your application secrets private
Do you still store secrets in source control? Are your secrets safely stored, but are you struggling to distribute them to your applications? Do you feel this should be easy, but you can't just find out how?
In this session, Henry will take you on a journey that starts with passwords in source control. From there he will quickly take you along on a series of improvements to make both local development and production deployments more and more secure with every change.
Along the way, you will learn how to use Azure Key Vault, Azure Active Directory (AAD) and App Service Managed Instance to get everyone on a need to know basis. Finally, you will see how forgetting about keys, certificates and passwords completely and just using AAD could solve all your problems. That is.., if everyone would just use AAD!
In this session, Henry will take you on a journey that starts with passwords in source control. From there he will quickly take you along on a series of improvements to make both local development and production deployments more and more secure with every change.
Along the way, you will learn how to use Azure Key Vault, Azure Active Directory (AAD) and App Service Managed Instance to get everyone on a need to know basis. Finally, you will see how forgetting about keys, certificates and passwords completely and just using AAD could solve all your problems. That is.., if everyone would just use AAD!