Application security, Cloud security

Secretless & the End of Application Secrets as We Know Them – Brian Kelly – ESW #191

Passwords, keys, and other secrets are becoming an outdated technique for applications to use. They are usually over-privileged, easy to steal, and very hard to handle securely. Developers frequently log them by accident or stash them in unsafe places. The Secretless pattern is a new way of architecting applications that guarantees that the application never handles the secrets it needs to access databases or other secure resources. Secretless architectures open up a whole set of opportunities for a new model of secure application development and governance. This segment is sponsored by CyberArk.

Visit to learn more about them!

Sponsored By

Full episode and show notes


  • Join us June 29th for a webcast with Tyler Robinson and Beau Bullock to learn how to pivot into the world of Crypto security. Visit to register with only your name and email! Don't forget to check out our library of on-demand webcasts & technical trainings at


Brian Kelly
Brian Kelly
Head of Conjur Engineering for CyberArk at CyberArk

Brian is Head of Conjur Engineering for CyberArk. He leads the R&D teams focused on DevOps integration products. Brian has over 20 years of experience as a software leader, having been a VP of Engineering at multiple technology companies prior to joining CyberArk. He has deep experience in DevOps, cybersecurity, distributed systems, and SaaS. His current professional focus is on increasing the security of application development while also the kind of high velocity that markets now demand.


Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Matt Alderman
Matt Alderman
Executive Director at CyberRisk Alliance
prestitial ad