API Security , Application Security , Events

Pulling the Covers Off 'Secret Sprawl' to Reduce Risk

SafeBreach CISO Avishai Avivi Discusses Finding and Managing 'Secrets'
Avishai Avivi, CISO, SafeBreach

"Secret sprawl" is a huge issue that is creating growing security risk for many organizations - including leading to potential compromises that shut down businesses, said Avishai Avivi, CISO, SafeBreach.

See Also: The Operationalization of Threat Intelligence Programs

"We've adapted to the idea that passwords are not enough, and users have multifactor authentication turned on," he said.

But we haven't really solved this for devices communicating with devices or applications communicating with applications, he said. "So we use secrets, tokens or API keys - and those are really just passwords. There are really no good password managers for those applications," he added.

In this video interview with Information Security Media Group at RSA Conference 2023, Avivi also discusses:

  • Other challenges involved with secret sprawl;
  • Cloud-related risk involving passwords;
  • How his organization has addressed these issues.

Prior to joining SafeBreach, Avivi held CISO and chief privacy roles at several other companies. He has about 30 years of experience in leading effective management initiatives.

About the Author

Anna Delaney

Anna Delaney

Director, Productions, ISMG

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.