2025-08-04 – 21:00-21:45 (Africa/Abidjan), Florentine E
Tired of the secret sprawl? You're not alone. This talk tosses the outdated playbook of endless key rotations and credential tracking and exposes a better way: delete the darn secrets in the first place. Or where they can’t be deleted, choose a solution that offers better protection as a matter of course.
Learn concrete 'Do This, Not That' guidance with actionable examples for common use cases that typically involve static, manually managed secrets. Move on to a safer and more maintainable architecture by making manually managing secrets the exception, not the default.
See a live demonstration of two Kubernetes clusters – one in AWS and one in Azure – securely authenticating to the other cloud provider with zero manually managed secrets. We'll dive into the AWS IRSA and Azure Workload ID services that unlock this. You'll even get the full Terraform source code to play with this yourself, highlighting the emergent wins for resiliency and maintainability when your entire infrastructure is defined in code.
Leave this session equipped with practical examples to immediately reduce your secrets footprint and a deeper understanding of building secure, secret-free systems.
Tired of the secret sprawl? You're not alone. This talk throws out the outdated playbook of endless key rotations and credential tracking and exposes a better way: deleting the darn secrets in the first place. Or where they can’t be deleted, choose a solution that offers better protection as a matter of course. Learn concrete 'Do This, Not That' guidance for reducing secrets-induced risk across your stack, from how your users access infrastructure to how your services themselves authenticate.
We’ll go through common use cases that traditionally require static, manually managed secrets, and give specific examples of how to move away from that model to a much safer and more maintainable architecture, where manually managed secrets are the exception, not the default.
See a live demonstration of two Kubernetes clusters – one in AWS and one in Azure – securely authenticating to the other cloud provider with zero manually managed secrets. We'll dive into AWS IRSA and Azure Workload ID, showcasing how these services unlock cross-cloud access without the risk of static, privileged client credentials. You'll even get the full Terraform source code to implement this yourself, highlighting the emergent wins for resiliency and maintainability when your entire infrastructure is defined in code.
Leave this session equipped with practical examples to immediately reduce your secrets footprint and a deeper understanding of building secure, secret-free systems.
Chitra Dharmarajan, CISSP, CCSP, NACD.DC is a dynamic cybersecurity executive with expertise in building high-performing global teams and driving enterprise-wide security transformations. She excels in risk management, governance, and strategic decision-making, with a proven track record in M&A, due and secure-by-design strategies. Specializing in Privacy Engineering, Product Security, and AI-driven solutions, she has extensive experience across Network, Cloud, Application, and Container Security. Chitra is passionate about empowering teams and fostering innovation to achieve impactful, scalable results.
In addition to her executive roles, Chitra is a dedicated startup advisor, guiding emerging companies in navigating the complexities of cybersecurity. Her contributions to the field have been recognized through numerous awards and accomplishments, highlighting her leadership and impact in the cybersecurity domain.
A graduate of the Executive Program for CISO at Carnegie Mellon University, she is poised to leverage her industry expertise, strategic vision, and governance experience to shape the future of cybersecurity and drive lasting organizational impact. Chitra has successfully completed National Association of Corporate Directors (NACD) - Directorship Certification demonstrating her commitment to governance leadership, personal development, as well as her commitment to leading oversight of organizations today and in the future.
Steve Jarvis's journey in tech spans about 14 years, from his early work building key management software to developing services in networking, IAM, and infrastructure management. That background in creating security-related software naturally led him to his current focus as a security engineer. Still a programmer at heart, he tackles security challenges with that developer's mindset. Outside of work, he's kept busy by an adorable 3-year-old daughter and the ongoing pursuit of being a pretty okay bike racer.