{"id":201641,"date":"2025-01-17T05:01:00","date_gmt":"2025-01-17T05:25:43","guid":{"rendered":"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/"},"modified":"2026-04-06T05:43:22","modified_gmt":"2026-04-06T09:43:22","slug":"ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud","status":"publish","type":"podcast","link":"https:\/\/www.cyberark.com\/es\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/","title":{"rendered":"EP 69 &#8211; Cloudy with a 100% Chance of Secrets: Decoding Secrets Management in the Cloud"},"content":{"rendered":"<p>In this episode of the Trust Issues podcast, host David Puner dives into the complexities of secrets management with Ritesh Desai, General Manager at AWS Secrets Manager. They discuss the evolving landscape of secrets management, emphasizing the importance of a multi-layered defense strategy as organizations increasingly adopt cloud services, digital transformation and agile development practices. Ritesh highlights the critical role of machine identities in managing secrets and the growing significance of AI and automation in enhancing security measures. He also underscores the necessity of a comprehensive approach that includes discovery, visibility and leak detection to safeguard sensitive information effectively. The conversation covers the challenges of managing secrets in multi-cloud environments and the importance of regular secret rotation and access control. This episode provides valuable insights into best practices and strategies for securing secrets.\u00a0<\/p>\n<div class=\"transcript\" style=\"white-space:pre-line\">David Puner: [00:00:00] You&#8217;re listening to the Trust Issues podcast. I&#8217;m David Puner, a Senior Editorial Manager at CyberArk, the global leader in identity security.<br \/>\nHello, and happy New Year\u2014which is still maybe okay to say for another minute or two. And if you&#8217;re tuning in sometime down the road, happy whatever and congratulations on the thing.<br \/>\nIn today&#8217;s episode, we take a dive into secrets management and the complexities and considerations involved in securing sensitive information. We do that with Ritesh Desai, General Manager at AWS Secrets Manager, who discusses the evolving landscape of secrets management and the importance of a multi-layered defense strategy.<br \/>\nAs organizations continue to adopt cloud services, digital transformation, and agile development practices, the number of secrets\u2014such as API keys, database credentials, and tokens\u2014has grown significantly. Simply securing these secrets is no longer sufficient. Instead, safeguarding sensitive information requires a comprehensive approach that includes discovery, visibility, and leak detection.<br \/>\nIn our conversation, Ritesh emphasizes the critical role of machine identities in managing secrets. These identities are key to authenticating and securing automated processes, yet they also pose a significant vulnerability for organizations\u2014especially as multi-cloud environments and AI adoption continue to grow. Machine identities exist in massive numbers and are increasing exponentially.<br \/>\nAmong other things, Ritesh highlights the role of AI and automation in enhancing security measures, helping organizations detect and respond to threats more effectively. He also explains how a defense-in-depth strategy can help organizations manage secrets more securely and reduce cyber risks.<br \/>\nHe dishes on secrets, as it were.<br \/>\nHappy middle of January! Here&#8217;s my conversation with Ritesh Desai.<br \/>\nDavid Puner: [00:01:50] Ritesh Desai, General Manager at AWS Secrets Manager\u2014welcome to Trust Issues! Thanks for coming on the podcast.<br \/>\nRitesh Desai: Yeah, thank you, David. I&#8217;m excited to be on this podcast.<br \/>\nDavid Puner: And where are you today? Are you in the Pacific Northwest?<br \/>\nRitesh Desai: Yeah, I&#8217;m in the Pacific Northwest. I\u2019m in Seattle\u2014a suburb of Seattle called Kirkland. That\u2019s where I live.<br \/>\nDavid Puner: Okay, very nice. At this point, we&#8217;re recording in mid-December. Do you have winter at all there? What are things like outside?<br \/>\nRitesh Desai: Well, Seattle is more rainy than anything. It\u2019s rainy and cold\u2014so no snow, but yeah, it\u2019s cold. It&#8217;s about 45 degrees outside, I think.<br \/>\nDavid Puner: Okay. And you&#8217;ve got no rust on the cars out there\u2014I love that! All the great Bring a Trailer cars are always from the Pacific Northwest. I gotta get out there. I gotta visit you sometime.<br \/>\nRitesh Desai: Yeah, I know.<br \/>\nDavid Puner: Well, thank you for coming on the podcast. As much as I wish we could talk about cars, rust, and weather, we&#8217;re here to discuss some other very important things\u2014though, I guess somewhat tangentially related since they\u2019re cloud-related.<br \/>\nThis conversation is focusing on secrets management, and different listeners will have varying levels of understanding. So, why don\u2019t we start things off with this:<br \/>\nWhat is secrets management, and how do different types of organizations\u2014along with roles or departments within those organizations\u2014think about it?<br \/>\nRitesh Desai: When I think about secrets, I define them as what your customers use to protect their sensitive information\u2014or to access their sensitive information.<br \/>\nAnd secrets management is managing the lifecycle of these secrets. It&#8217;s critical for the security posture of customers, ensuring they have the ability to meet their organization&#8217;s security and compliance expectations.<br \/>\nSo, that\u2019s it in a nutshell\u2014what secrets management is.<br \/>\nDavid Puner: Secrets are things like passwords or API keys, right?<br \/>\nRitesh Desai: Yeah, absolutely. I was going to go there!<br \/>\nFor example\u2014database usernames and passwords, API keys, tokens\u2014anything that you, as a user or a machine, use to access something. That\u2019s a secret.<br \/>\nSecrets management includes the concept of a lifecycle. I think of it in multiple phases:<br \/>\n1. Secure storage \u2013 Safely storing the secret.<br \/>\n2. Access control \u2013 Providing the right level of access to the right customers.<br \/>\n3. Distribution at scale \u2013 Secrets need to reach the right places so applications can run and businesses can operate.<br \/>\nAll of those steps are crucial to secrets management.<br \/>\nDavid Puner: And at scale\u2014because there are just an enormous number of identities and secrets to manage, right?<br \/>\nRitesh Desai: Absolutely. I\u2019d like to add a couple of things.<br \/>\nOne aspect of secrets management that doesn\u2019t get talked about as much is rotation\u2014the regular rotation of secrets is critical to maintaining a strong security posture.<br \/>\nAnother key aspect is transparency\u2014customers need visibility through auditing and monitoring to track secrets usage.<br \/>\nSo, when you think about it, the full lifecycle of a secret includes:<br \/>\n1. Secure storage<br \/>\n2. Appropriate access control<br \/>\n3. Scalability and distribution<br \/>\n4. Regular rotation<br \/>\n5. Monitoring and auditing<br \/>\nDavid Puner: Right. And regarding different types of organizations\u2014how do various industries, departments, or roles within organizations approach secrets management?<br \/>\nRitesh Desai: Traditionally, each department had a specific role.<br \/>\nThere was usually a dedicated security team that focused only on security, while development teams focused on building applications. The problem with this segmented approach is that it creates silos, and security becomes an afterthought rather than a built-in function.<br \/>\nAt AWS, we encourage organizations to shift their mindset\u2014security should be everyone\u2019s job. It\u2019s not just something for the security team to handle at the end of the development process. Instead, it should be integrated into every step of the workflow\u2014a concept often referred to as \u00absecure by design.\u00bb<br \/>\nYes, some organizations still have dedicated security admins whose primary job is to enforce security standards. But instead of relying only on security teams, we want every department to incorporate security best practices into their work from the ground up.<br \/>\nDavid Puner: So, rather than relying on a single team to enforce security, the goal is to embed security into the organization&#8217;s DNA.<br \/>\nRitesh Desai: Exactly. If security is integrated from the beginning, then the security team\u2019s role shifts from enforcement to verification\u2014ensuring compliance rather than constantly trying to fix security gaps after the fact.<br \/>\nDavid Puner: And in terms of industries, are certain sectors more advanced when it comes to secrets management?<br \/>\nRitesh Desai: Yes. Traditionally, industries like finance, healthcare, and defense have led the way in pushing the boundaries of security.<br \/>\nThe good news is that because these industries demanded higher security standards, companies like AWS have built advanced security tools and services to meet those high expectations.<br \/>\nThe result? These advancements are now available to all industries\u2014meaning every organization can benefit from best-in-class security solutions, not just the ones in traditionally high-security sectors.<br \/>\nOver time, other industries have recognized the need to elevate their security standards, and we\u2019re seeing a broader adoption of secrets management best practices across different sectors.<br \/>\nDavid Puner: Of all the different kinds of secrets, what is the most difficult secret to manage? Is there any one particular type that stands out?<br \/>\nRitesh Desai: That\u2019s an interesting question. I\u2019d actually answer it a little differently.<br \/>\nFor a secrets management tool to be truly successful, the less information it has about the secrets it stores, the better\u2014from a security perspective.<br \/>\nThat\u2019s why AWS Secrets Manager was designed with this philosophy in mind:<br \/>\n* We don\u2019t need to know what a secret is used for.<br \/>\n* We don\u2019t want visibility into whether a secret is for logging into Google, an admin account, or something else entirely.<br \/>\nBecause we don\u2019t store or analyze the contents of secrets, we can apply consistent security policies across all types of secrets\u2014ensuring that every secret is treated with the same high level of security.<br \/>\nDavid Puner: So, there\u2019s no distinction like, Oh, this is just a password, so we don\u2019t have to worry about it as much? Everything is secured at the same level?<br \/>\nRitesh Desai: Exactly. It all comes down to access control.<br \/>\nWe focus on:<br \/>\n* Enforcing proper access policies<br \/>\n* Providing the right level of protection<br \/>\n* Ensuring that only authorized users or systems can access secrets<br \/>\nAt AWS, we follow the Shared Responsibility Model\u2014meaning we give customers the tools to implement strong security controls while ensuring they have the guidance to use them correctly.<br \/>\nBut ultimately, it\u2019s up to customers to implement best practices\u2014we can\u2019t make those security decisions for them.<br \/>\nDavid Puner: Right. Because if AWS were to categorize secrets or assign different security levels, you might make assumptions that don\u2019t necessarily align with how a customer actually uses their secrets.<br \/>\nRitesh Desai: Exactly. We could easily be wrong in our assumptions, and that wouldn\u2019t help customers at all.<br \/>\nInstead, we provide:<br \/>\n* Robust security mechanisms<br \/>\n* Granular access controls<br \/>\n* Detailed documentation<br \/>\nThis allows customers to set their own policies and determine what level of protection each secret requires\u2014based on their unique security and compliance needs.<br \/>\nDavid Puner: Okay, great. So that\u2019s a solid foundation for understanding what secrets management is. Now, let\u2019s take a step back for a moment to get a better idea of what you do.<br \/>\nWhat does your day-to-day role as the General Manager of AWS Secrets Manager involve?<br \/>\nRitesh Desai: Yeah\u2026 well, sometimes I don\u2019t even know what I do! But let\u2019s try to break it down.<br \/>\nFor anyone in a similar leadership role in secrets management, there are two primary areas of focus:<br \/>\n1. Tactical Execution \u2013 Making sure we\u2019re executing on our roadmap and hitting our strategic goals.<br \/>\n2. Strategic Vision \u2013 Looking beyond the immediate roadmap to anticipate future needs and industry trends.<br \/>\nTactically, a big part of my role involves:<br \/>\n* Executing on pre-planned initiatives<br \/>\n* Reassessing priorities based on new data<br \/>\n* Gathering customer feedback<br \/>\n* Monitoring industry trends<br \/>\nAt AWS, we have weekly and monthly engineering business reviews where we:<br \/>\n* Evaluate our priorities<br \/>\n* Identify potential course corrections<br \/>\n* Ensure that we\u2019re always moving in the right direction<br \/>\nThat accounts for about 30% of my time\u2014along with the usual management and leadership responsibilities.<br \/>\nBut the majority of my time is spent on the strategic side:<br \/>\n* Anticipating what\u2019s next in security and secrets management<br \/>\n* Identifying major industry shifts<br \/>\n* Engaging with customer conversations and internal teams to help shape the next big innovations<br \/>\nFor example, we look at trends like post-quantum cryptography (PQC) and ask:<br \/>\n* How will this impact our customers?<br \/>\n* What tools will they need to stay ahead of the curve?<br \/>\n* How can we make their transition as seamless as possible?<br \/>\nSo, in short, I spend most of my time trying to future-proof our security strategies and ensure we\u2019re delivering the right solutions for our customers\u2014both today and tomorrow.<br \/>\nDavid Puner: You mentioned generative AI earlier, and I want to talk about that a little later in our conversation. But first, let\u2019s focus on data protection and privacy.<br \/>\nHow do data protection and privacy figure into secrets management? I think we\u2019ve touched on this a little bit, but let\u2019s dive deeper. How does it fit into your focus in your role?<br \/>\nRitesh Desai: Absolutely. Data protection and privacy are always top of mind.<br \/>\nAt AWS Secrets Manager, our core mission is to protect secrets that, in turn, protect our customers&#8217; most sensitive data. That means we are constantly working to adhere to the highest level of encryption standards available\u2014and we continue to enhance those standards over time.<br \/>\nFor example, in the last four years alone, we\u2019ve upgraded our encryption model three times\u2014each time making it stronger and more resilient.<br \/>\nDavid Puner: And how do varying regulations factor into that? Different countries, industries, and states all have different privacy requirements, right?<br \/>\nRitesh Desai: Exactly. That\u2019s one of the biggest challenges in data protection and privacy.<br \/>\nThere are many overlapping regulations that customers need to comply with, and they vary by region and industry. Some examples:<br \/>\n* China has a unique data privacy law that differs significantly from other global standards.<br \/>\n* The European Union has GDPR, which came into effect in 2018 and has strict data protection requirements.<br \/>\n* The United States has varying state-level regulations, such as California\u2019s CCPA.<br \/>\nFor AWS, our goal is to build tools that give customers control over their compliance requirements\u2014without forcing a one-size-fits-all approach.<br \/>\nBalancing Security and Access<br \/>\nWhen it comes to privacy, it\u2019s a delicate balance:<br \/>\n* Security is important\u2014but if nobody can access data, then it\u2019s useless.<br \/>\n* On the other hand, if access is too open, it creates serious security risks.<br \/>\nThat\u2019s why we focus on least-privilege access\u2014ensuring that users and applications only get access to the specific data they need to do their job.<br \/>\nAt AWS, we integrate AWS Identity and Access Management (IAM) with Secrets Manager to enable:<br \/>\n* Role-based access controls<br \/>\n* Granular permission settings<br \/>\n* Resource-based policies<br \/>\nThis ensures that only authorized users can retrieve and use secrets\u2014helping to minimize risk while maintaining efficiency.<br \/>\nDavid Puner: In addition to access control, compliance is another major factor in data protection. How does AWS Secrets Manager help customers stay compliant with all these regulations?<br \/>\nRitesh Desai: That\u2019s a great question. Compliance is a huge challenge\u2014especially for enterprise customers that operate across multiple regions and industries.<br \/>\nAt AWS, we provide a suite of tools to help customers monitor and enforce compliance within their environments. Some of these tools include:<br \/>\n1. AWS Config \u2013 Allows customers to set compliance policies (e.g., \u201cAll secrets must be rotated every 30 days\u201d).<br \/>\n2. AWS Security Hub \u2013 Provides real-time security insights and compliance reports.<br \/>\n3. AWS Secrets Manager Integrations \u2013 Works with other security tools to automatically enforce best practices.<br \/>\nFor example, let\u2019s say a company mandates that all secrets must be rotated every 30 days. With AWS Config, they can:<br \/>\n* Apply this rule across all accounts and services.<br \/>\n* Automatically identify violations.<br \/>\n* Receive alerts and take corrective actions.<br \/>\nBy integrating Secrets Manager with these tools, customers can actively enforce compliance rather than relying on manual oversight.<br \/>\nDavid Puner: That makes sense. But with so many different regulations out there, is it even possible to automate compliance across the board?<br \/>\nRitesh Desai: That\u2019s a big challenge.<br \/>\nEach law has multiple clauses that may apply to one use case but not another. The sheer complexity of these regulations makes fully automated compliance nearly impossible.<br \/>\nThat\u2019s why our approach is to:<br \/>\n1. Provide customers with the right tools to configure compliance for their specific needs.<br \/>\n2. Work closely with customers to ensure they understand how to set up compliance policies effectively.<br \/>\nThis is where partnerships between AWS and customers are so important. Compliance is not just a one-time task\u2014it\u2019s an ongoing process that requires regular updates and adjustments as regulations evolve.<br \/>\nDavid Puner: Yeah, there are definitely a lot of layers to compliance. Early on in your response, you mentioned encryption. Let\u2019s talk more about that.<br \/>\nEncryption is always evolving\u2014standards keep getting higher and higher. When a new standard of encryption is introduced, how do you determine how long it will remain effective?<br \/>\nIs there a rule of thumb for how long encryption will be top-tier before it needs to be replaced?<br \/>\nRitesh Desai: That\u2019s a really interesting question.<br \/>\nAt AWS, we take a proactive approach to encryption standards. We work closely with global standards organizations to ensure that:<br \/>\n1. We\u2019re ahead of the curve before new encryption standards are released.<br \/>\n2. We help shape those standards based on real-world use cases.<br \/>\nFor example, AWS cryptographic teams work with standards committees to validate and refine encryption algorithms before they even become public.<br \/>\nBy the time a new standard is formally announced, we\u2019re already:<br \/>\n* Evaluating how to integrate it into AWS services.<br \/>\n* Assessing how customers will transition to it.<br \/>\n* Developing a phased rollout strategy.<br \/>\nBalancing Security and Business Continuity<br \/>\nOne of the biggest challenges with encryption is that upgrading encryption isn\u2019t always seamless.<br \/>\nFor example, let\u2019s say a company encrypts an entire database using a specific encryption key. If that key needs to be replaced, the transition can be:<br \/>\n* Time-consuming<br \/>\n* Resource-intensive<br \/>\n* Potentially disruptive to business operations<br \/>\nThat\u2019s why, in some cases, we strategically delay transitions\u2014not because we don\u2019t want the latest encryption, but because we need to ensure that customers can adopt it without business disruptions.<br \/>\nIn short, while we always look ahead to the next level of encryption, we also balance innovation with practicality\u2014making sure customers can transition smoothly and securely.<br \/>\nDavid Puner: That makes a lot of sense. Now, let\u2019s shift gears a bit.<br \/>\nWhat are some of the primary challenges when it comes to secrets management in multi-cloud environments?<br \/>\nRitesh Desai: Ah, one of my favorite topics!<br \/>\nThe biggest challenge in multi-cloud environments is centralizing secrets management.<br \/>\nThink about it\u2014if a company has:<br \/>\n* Some workloads running in AWS<br \/>\n* Some workloads running in Azure<br \/>\n* Some workloads running on-prem<br \/>\nWhere should they store and manage all their secrets?<br \/>\nThe Problem with a Fragmented Approach<br \/>\nOne common (but flawed) approach is to:<br \/>\n* Store AWS-related secrets in AWS Secrets Manager<br \/>\n* Store Azure-related secrets in Azure Key Vault<br \/>\n* Store on-prem secrets in a separate vault<br \/>\nBut this creates major problems because:<br \/>\n* There\u2019s no single pane of glass to monitor secrets.<br \/>\n* Secrets become scattered across multiple environments.<br \/>\n* Security teams struggle to enforce consistent policies.<br \/>\nHow to Centralize Secrets Management in Multi-Cloud<br \/>\nOrganizations have two main options:<br \/>\n1. Use an external secrets management tool<br \/>\n   * Many organizations choose tools like CyberArk to centrally manage and distribute secrets across cloud environments.<br \/>\n   * AWS integrates with CyberArk, so customers can sync their secrets between CyberArk and AWS Secrets Manager.<br \/>\n   * This allows customers to leverage AWS-native integrations while still maintaining CyberArk as their single source of truth.<br \/>\n2. Use AWS IAM Roles Anywhere<br \/>\n   * AWS offers IAM Roles Anywhere, which allows customers to:<br \/>\n      * Obtain temporary security credentials for on-prem, hybrid, and multi-cloud workloads.<br \/>\n      * Use AWS services for identity and secrets management, even when workloads are running outside AWS.<br \/>\nWhy This Matters<br \/>\nWith multi-cloud adoption increasing, more companies are realizing that:<br \/>\n* Managing secrets in a decentralized way is risky.<br \/>\n* Standardizing secrets management is essential.<br \/>\n* Integrating AWS Secrets Manager with CyberArk (or another secrets management tool) helps enforce security and compliance across multiple cloud providers.<br \/>\nDavid Puner: That makes a lot of sense. And when you layer regulatory compliance on top of multi-cloud environments, I imagine things get even more complicated?<br \/>\nRitesh Desai: Absolutely. The moment you operate across multiple cloud providers, you\u2019re now dealing with:<br \/>\n* Different access control models<br \/>\n* Inconsistent security policies<br \/>\n* Potential regulatory conflicts<br \/>\nThat\u2019s why organizations need a clear strategy for centralizing secrets\u2014without sacrificing flexibility or security.<br \/>\nDavid Puner: Another major challenge in security is machine identities. How do you think about secrets management in the context of machine identities?<br \/>\nAnd what are some best practices for securing machine identities at scale?<br \/>\nRitesh Desai: This is an important topic. The last report I read said that machine identities outnumber human identities by a factor of 45 to 1\u2014maybe even more.<br \/>\nDavid Puner: Yeah, I\u2019ve seen similar numbers. And machine identities are growing something like three times faster than human identities.<br \/>\nRitesh Desai: Exactly. And that\u2019s what makes securing machine identities such a unique challenge.<br \/>\nWhat Are Machine Identities?<br \/>\nA machine identity is essentially a credential that a machine uses to authenticate and access a resource or service.<br \/>\nFor example, if an automated process needs to:<br \/>\n* Connect to a database<br \/>\n* Access an API<br \/>\n* Authenticate with another service<br \/>\nIt will use a machine identity\u2014which is typically stored as a secret (like an API key, token, or certificate).<br \/>\nThe challenge is that traditional security solutions were designed for human identities, not machines.<br \/>\nWhy Traditional Security Methods Don\u2019t Work for Machine Identities<br \/>\nFor human identities, we\u2019ve largely solved the security problem using Multi-Factor Authentication (MFA).<br \/>\nBut with machine identities, we can\u2019t just enable MFA\u2014it doesn\u2019t work the same way.<br \/>\nSo, how do we secure machine identities?<br \/>\nBest Practices for Securing Machine Identities<br \/>\n1. Use Short-Lived Secrets<br \/>\n   * Instead of long-lived credentials, machine identities should use ephemeral secrets\u2014credentials that automatically expire after a short period.<br \/>\n   * This reduces the risk of secrets being stolen and misused.<br \/>\n2. Adopt Just-in-Time (JIT) Access<br \/>\n   * Machine identities should only have access when they need it\u2014not all the time.<br \/>\n   * Just-in-Time access ensures that credentials are only valid for a specific operation or timeframe.<br \/>\n3. Leverage SPIFFE and SPIRE Frameworks<br \/>\n   * Frameworks like SPIFFE and SPIRE allow organizations to create secure identity-based authentication for machines\u2014without relying on static secrets.<br \/>\n4. Automate Secret Rotation<br \/>\n   * If you must use longer-lived secrets, they should be automatically rotated on a frequent basis.<br \/>\n   * AWS Secrets Manager provides built-in automation for secret rotation.<br \/>\n5. Implement a Zero-Trust Strategy<br \/>\n   * Never assume a machine identity is legitimate. Always verify before granting access.<br \/>\n   * The Zero Trust model enforces continuous authentication and authorization checks.<br \/>\nWhy This Matters<br \/>\nMachine identities are one of the fastest-growing security challenges\u2014and attackers are increasingly targeting them.<br \/>\nBy implementing short-lived secrets, automation, and Zero Trust principles, organizations can reduce risk and improve security posture.<br \/>\nDavid Puner: That makes a lot of sense. And I think it\u2019s important to emphasize that organizations must protect secrets assigned to non-human identities\u2014otherwise, attackers can use them as a way to gain unauthorized access.<br \/>\nRitesh Desai: Absolutely. And one of the best things organizations can do today is to start automating secret rotation for machine identities.<br \/>\nIf a secret is short-lived and rotated frequently, the window of opportunity for an attacker is drastically reduced.<br \/>\nDavid Puner: We\u2019ve covered a lot of foundational security practices. Now, let\u2019s bring AI and machine learning into the conversation.<br \/>\nHow are AI, generative AI, and machine learning being used to enhance secrets management security measures?<br \/>\nRitesh Desai: AI and machine learning (ML) are already playing a significant role in security\u2014and they\u2019re only going to become more critical.<br \/>\nAt AWS, we think about AI\/ML in security in three primary ways:<br \/>\n1. Preventing Security Mistakes at the Development Stage<br \/>\nA big security risk comes from secrets being embedded in code or mismanaged during development.<br \/>\nAI\/ML tools can help developers write more secure code by:<br \/>\n* Detecting secrets in source code before deployment.<br \/>\n* Providing real-time security recommendations as developers write code.<br \/>\n* Suggesting best practices for secrets storage and management.<br \/>\nFor example, AWS launched Amazon Q Developer, a tool that integrates with IDEs (Integrated Development Environments). If it detects a potential security risk, like a hardcoded secret, it will alert the developer and suggest a secure alternative\u2014helping prevent security issues before they happen.<br \/>\n2. AI-Powered Anomaly Detection for Secrets Access<br \/>\nOne of the biggest advantages of AI\/ML in security is the ability to analyze massive amounts of data and detect suspicious activity in real time.<br \/>\nFor example, AI can:<br \/>\n* Monitor access patterns for secrets.<br \/>\n* Identify unusual spikes in access requests.<br \/>\n* Alert security teams to potential breaches.<br \/>\nA practical example\u2014if a secret is normally accessed 10 times per day, but suddenly it\u2019s accessed 10,000 times in an hour, AI can:<br \/>\n* Recognize this as abnormal activity.<br \/>\n* Trigger an alert.<br \/>\n* Potentially block access until further investigation.<br \/>\nThis proactive approach allows organizations to detect and mitigate threats before they escalate.<br \/>\n3. Proactive Security and Automated Response<br \/>\nThe ultimate goal of AI\/ML in security is automated threat response.<br \/>\nRight now, AI can:<br \/>\n* Identify threats.<br \/>\n* Send alerts.<br \/>\n* Recommend security actions.<br \/>\nBut in the future, we expect AI to take action automatically, such as:<br \/>\n* Revoking compromised secrets in real-time.<br \/>\n* Blocking suspicious access attempts.<br \/>\n* Rotating secrets preemptively when AI detects potential risks.<br \/>\nFor example, in Distributed Denial-of-Service (DDoS) attacks, AI can already:<br \/>\n* Identify malicious traffic patterns.<br \/>\n* Block traffic from suspicious sources\u2014without human intervention.<br \/>\nWe expect this same level of automation to apply to secrets management and identity security in the near future.<br \/>\nThe Future of AI in Secrets Management<br \/>\nRight now, AI\/ML is great at detecting and alerting\u2014but we\u2019re moving toward a future where AI will be able to automatically resolve security risks in real-time.<br \/>\nDavid Puner: That\u2019s exciting\u2014and also a little scary.<br \/>\nRitesh Desai: Yeah, it can be! But security is an ongoing journey. AI\/ML isn\u2019t about replacing human decision-making\u2014it\u2019s about enhancing security teams by:<br \/>\n* Reducing false positives.<br \/>\n* Providing better insights.<br \/>\n* Taking care of routine security tasks so humans can focus on bigger-picture threats.<br \/>\nWe\u2019re already seeing strong adoption of AI-powered security tools, and I expect this to accelerate significantly over the next few years.<br \/>\nDavid Puner: You\u2019ve mentioned AI and automation as key trends shaping the future of security. Let\u2019s zoom out a bit\u2014since we\u2019re at the start of 2025, what are the biggest trends and innovations in cloud security that will impact secrets management this year?<br \/>\nRitesh Desai: Great question. I think 2025 is going to be a big year for security, and there are a few major trends that will shape secrets management in the coming months.<br \/>\n1. Increased Adoption of Zero Trust Architecture<br \/>\nThe move toward Zero Trust is already happening, but in 2025, we expect to see:<br \/>\n* More organizations shifting to \u201cnever trust, always verify\u201d security models.<br \/>\n* Secrets being more tightly controlled and accessed on a least-privilege basis.<br \/>\n* Stronger verification measures for both human and machine identities.<br \/>\nOrganizations are realizing that traditional perimeter-based security models no longer work\u2014especially in multi-cloud environments.<br \/>\nAt AWS, we\u2019re working with customers to help them implement Zero Trust strategies that ensure:<br \/>\n* Every secret request is verified in real time.<br \/>\n* Secrets are only accessible when absolutely needed.<br \/>\n* Automated policies revoke access immediately when necessary.<br \/>\n2. AI and Machine Learning for Threat Detection<br \/>\nWe touched on this earlier, but AI-powered security is going to play a much bigger role in 2025.<br \/>\nWe expect to see:<br \/>\n* More advanced AI models for detecting abnormal access patterns.<br \/>\n* Better predictive analytics for identifying potential security threats before they happen.<br \/>\n* Automated secret rotation and access revocation triggered by AI-driven insights.<br \/>\nRight now, AI is helping security teams work faster\u2014but the next step is for AI to start handling real-time security actions automatically.<br \/>\n3. Stricter Data Privacy Regulations<br \/>\nRegulations around data security and compliance are getting tighter every year.<br \/>\nSome key developments in 2025 include:<br \/>\n* New data residency laws requiring organizations to store secrets in specific geographic regions.<br \/>\n* Stronger encryption standards being mandated in multiple industries.<br \/>\n* More regulatory scrutiny on how organizations manage and secure secrets.<br \/>\nBecause AWS operates in a global environment, we\u2019re working hard to:<br \/>\n* Stay ahead of these evolving regulations.<br \/>\n* Ensure our customers can maintain compliance across multiple jurisdictions.<br \/>\n* Offer tools that help organizations adapt to new legal requirements quickly.<br \/>\n4. Post-Quantum Cryptography (PQC) Preparation<br \/>\nThis might not be a 2025 reality\u2014but it\u2019s a 2025 focus.<br \/>\nQuantum computing poses a potential long-term threat to current encryption methods. Even though large-scale quantum attacks are still years away, security leaders are already:<br \/>\n* Evaluating post-quantum encryption standards.<br \/>\n* Identifying which secrets need future-proof protection.<br \/>\n* Developing strategies for migrating to quantum-resistant algorithms.<br \/>\nAt AWS, we\u2019re:<br \/>\n* Actively testing post-quantum encryption methods.<br \/>\n* Working with standards organizations to define the future of encryption.<br \/>\n* Helping customers understand how they can prepare for quantum security challenges.<br \/>\nThe Bottom Line<br \/>\n2025 is going to be a big year for cloud security, automation, and compliance. Secrets management is at the center of these trends, and organizations will need to:<br \/>\n* Implement Zero Trust strategies.<br \/>\n* Leverage AI-powered security.<br \/>\n* Ensure compliance with new data privacy laws.<br \/>\n* Start thinking about quantum security\u2014even if it feels a bit early.<br \/>\nDavid Puner: That\u2019s a great roadmap for what\u2019s ahead. Let\u2019s talk a little more about post-quantum cryptography.<br \/>\nHow is AWS thinking about post-quantum encryption, and what should companies be doing today to prepare for future security challenges?<br \/>\nRitesh Desai: Yeah, this is something I get asked about a lot.<br \/>\nThe reality is that full-scale quantum computers capable of breaking today\u2019s encryption are not here yet. But that doesn\u2019t mean we should wait to prepare.<br \/>\nOne of the biggest concerns in the industry is the idea of harvest now, decrypt later attacks.<br \/>\nWhat Is a \u201cHarvest Now, Decrypt Later\u201d Attack?<br \/>\n* Bad actors are already stealing encrypted data today\u2014even though they can\u2019t decrypt it yet.<br \/>\n* They store this data for years or decades until quantum computers become powerful enough to break the encryption.<br \/>\n* Once quantum decryption is possible, previously stolen data could suddenly become accessible.<br \/>\nThat\u2019s why companies need to start preparing now\u2014even if quantum threats are still years away.<br \/>\nHow AWS Is Preparing for Post-Quantum Encryption<br \/>\nAt AWS, we\u2019re taking a multi-layered approach:<br \/>\n1. Inventorying existing encryption systems \u2013 Identifying which types of encrypted data need the strongest long-term protection.<br \/>\n2. Testing new post-quantum encryption algorithms \u2013 Working with global standards bodies to develop and validate quantum-resistant encryption techniques.<br \/>\n3. Helping customers transition smoothly \u2013 Developing strategies for migrating to post-quantum security standards without disruption.<br \/>\nRight now, most organizations should be:<br \/>\n* Taking stock of their encrypted data.<br \/>\n* Identifying long-term sensitive secrets.<br \/>\n* Following developments in post-quantum encryption.<br \/>\nThe shift to quantum-resistant encryption isn\u2019t happening overnight\u2014but organizations that start planning now will be in a much stronger position when the time comes.<br \/>\nDavid Puner: It\u2019s fascinating to think that securing data today is also about protecting it from future threats\u2014even threats that might not materialize for another decade or more.<br \/>\nIt sounds like AWS is already well ahead in preparing for post-quantum security. But when it comes to real-world implementation, how do you balance security advancements with the practicality of transitioning customers to new encryption standards?<br \/>\nRitesh Desai: That\u2019s a great question. At AWS, we take a phased approach to transitioning customers to new security standards.<br \/>\nHere\u2019s how we think about it:<br \/>\nStep 1: Assessing the Impact of New Encryption Standards<br \/>\n* Not all data is equally sensitive or equally at risk.<br \/>\n* We first identify which types of secrets need quantum-resistant protection.<br \/>\n* We work with customers to prioritize what needs to be transitioned first.<br \/>\nStep 2: Testing and Validating New Encryption Methods<br \/>\n* Before rolling out new encryption standards, we test them extensively to ensure:<br \/>\n   * They don\u2019t degrade performance.<br \/>\n   * They work across different AWS services.<br \/>\n   * They provide strong security without breaking existing workflows.<br \/>\n* This is crucial because forcing encryption changes too quickly can actually introduce security gaps if companies aren\u2019t prepared.<br \/>\nStep 3: Implementing a Smooth Transition Strategy<br \/>\n* Rather than making an immediate switch, we give customers time to migrate.<br \/>\n* We provide:<br \/>\n   * Clear documentation and best practices.<br \/>\n   * Automated tools to make the transition easier.<br \/>\n   * Support for hybrid environments\u2014so customers can use both traditional encryption and post-quantum encryption during the transition period.<br \/>\nStep 4: Continuous Monitoring and Improvement<br \/>\n* Security is not a one-time fix.<br \/>\n* Even after adopting new encryption, we:<br \/>\n   * Continuously monitor for potential vulnerabilities.<br \/>\n   * Optimize encryption performance.<br \/>\n   * Refine best practices based on real-world usage.<br \/>\nDavid Puner: So it\u2019s not just about introducing stronger encryption\u2014it\u2019s about ensuring that customers can adopt it without disruption?<br \/>\nRitesh Desai: Exactly. Security only works if it\u2019s practical.<br \/>\nThat\u2019s why we take an incremental approach\u2014so companies can strengthen their security posture without impacting business continuity.<br \/>\nDavid Puner: Makes sense. And it ties back to something you said earlier: security is a journey, not a destination.<br \/>\nRitesh Desai: Absolutely. And that\u2019s what makes secrets management such a fascinating and ever-evolving field.<br \/>\nDavid Puner: You\u2019ve covered a ton of important topics today. From secrets management best practices to multi-cloud security to AI-powered threat detection and post-quantum encryption.<br \/>\nBefore we wrap up, I want to ask\u2014what advice would you give to organizations that are just starting to build out their secrets management strategy?<br \/>\nRitesh Desai: Great question! If I had to summarize it in a few key takeaways, I\u2019d say:<br \/>\n1. Make security a shared responsibility \u2013 Secrets management isn\u2019t just for security teams. It should be built into every part of the organization\u2014from development to operations to compliance.<br \/>\n2. Centralize secrets management \u2013 Avoid storing secrets in scattered locations. Use a dedicated secrets management tool to maintain visibility and control.<br \/>\n3. Use automation wherever possible \u2013 Rotate secrets automatically. Monitor access patterns with AI. The more you can automate, the stronger your security posture will be.<br \/>\n4. Implement Zero Trust principles \u2013 Never assume trust. Always verify. This is especially important for machine identities, where static credentials create risk.<br \/>\n5. Stay ahead of emerging security threats \u2013 The threat landscape is constantly evolving. Organizations should be thinking about post-quantum encryption today, even if they won\u2019t need it for years.<br \/>\nDavid Puner: That\u2019s a fantastic summary. I really appreciate your time today, Ritesh. This has been a great conversation.<br \/>\nRitesh Desai: Thanks, David. I really enjoyed it!<br \/>\nDavid Puner: And thanks to everyone for tuning in to Trust Issues!<br \/>\nIf you enjoyed this episode, be sure to check out our back catalog for more conversations with cybersecurity experts.<br \/>\nAnd don\u2019t forget to follow us wherever you get your podcasts\u2014so you never miss an episode.<br \/>\nOh, and if you have any questions, comments, or suggestions, feel free to reach out! Our email is trustissues@cyberark.com.<br \/>\nSee you next time!<\/div>\n","protected":false},"featured_media":213864,"template":"","class_list":["post-201641","podcast","type-podcast","status-publish","has-post-thumbnail","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>EP 69 - Cloudy with a 100% Chance of Secrets: Decoding Secrets Management in the Cloud | CyberArk<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/\" \/>\n<meta property=\"og:locale\" content=\"es_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"EP 69 - Cloudy with a 100% Chance of Secrets: Decoding Secrets Management in the Cloud\" \/>\n<meta property=\"og:description\" content=\"In this episode of the Trust Issues podcast, host David Puner dives into the complexities of secrets management with Ritesh Desai, General Manager at AWS Secrets Manager. They discuss the evolving landscape of secrets management,...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/\" \/>\n<meta property=\"og:site_name\" content=\"CyberArk\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/CyberArk\/\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-06T09:43:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.cyberark.com\/wp-content\/uploads\/2025\/01\/NjNjNi5qcGc-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1400\" \/>\n\t<meta property=\"og:image:height\" content=\"1400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@CyberArk\" \/>\n<meta name=\"twitter:label1\" content=\"Tiempo de lectura\" \/>\n\t<meta name=\"twitter:data1\" content=\"28 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/\",\"url\":\"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/\",\"name\":\"EP 69 - Cloudy with a 100% Chance of Secrets: Decoding Secrets Management in the Cloud | CyberArk\",\"isPartOf\":{\"@id\":\"https:\/\/www.cyberark.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.cyberark.com\/wp-content\/uploads\/2025\/01\/NjNjNi5qcGc-1.jpg\",\"datePublished\":\"2025-01-17T05:25:43+00:00\",\"dateModified\":\"2026-04-06T09:43:22+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/#breadcrumb\"},\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/#primaryimage\",\"url\":\"https:\/\/www.cyberark.com\/wp-content\/uploads\/2025\/01\/NjNjNi5qcGc-1.jpg\",\"contentUrl\":\"https:\/\/www.cyberark.com\/wp-content\/uploads\/2025\/01\/NjNjNi5qcGc-1.jpg\",\"width\":1400,\"height\":1400},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.cyberark.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"EP 69 &#8211; Cloudy with a 100% Chance of Secrets: Decoding Secrets Management in the Cloud\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.cyberark.com\/#website\",\"url\":\"https:\/\/www.cyberark.com\/\",\"name\":\"CyberArk\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.cyberark.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.cyberark.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"es\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.cyberark.com\/#organization\",\"name\":\"CyberArk Software\",\"url\":\"https:\/\/www.cyberark.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/www.cyberark.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.cyberark.com\/wp-content\/uploads\/2021\/02\/cyberark-logo-dark.svg\",\"contentUrl\":\"https:\/\/www.cyberark.com\/wp-content\/uploads\/2021\/02\/cyberark-logo-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"CyberArk Software\"},\"image\":{\"@id\":\"https:\/\/www.cyberark.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/CyberArk\/\",\"https:\/\/x.com\/CyberArk\",\"https:\/\/www.linkedin.com\/company\/cyber-ark-software\/\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"EP 69 - Cloudy with a 100% Chance of Secrets: Decoding Secrets Management in the Cloud | CyberArk","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/","og_locale":"es_ES","og_type":"article","og_title":"EP 69 - Cloudy with a 100% Chance of Secrets: Decoding Secrets Management in the Cloud","og_description":"In this episode of the Trust Issues podcast, host David Puner dives into the complexities of secrets management with Ritesh Desai, General Manager at AWS Secrets Manager. They discuss the evolving landscape of secrets management,...","og_url":"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/","og_site_name":"CyberArk","article_publisher":"https:\/\/www.facebook.com\/CyberArk\/","article_modified_time":"2026-04-06T09:43:22+00:00","og_image":[{"width":1400,"height":1400,"url":"https:\/\/www.cyberark.com\/wp-content\/uploads\/2025\/01\/NjNjNi5qcGc-1.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_site":"@CyberArk","twitter_misc":{"Tiempo de lectura":"28 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/","url":"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/","name":"EP 69 - Cloudy with a 100% Chance of Secrets: Decoding Secrets Management in the Cloud | CyberArk","isPartOf":{"@id":"https:\/\/www.cyberark.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/#primaryimage"},"image":{"@id":"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/#primaryimage"},"thumbnailUrl":"https:\/\/www.cyberark.com\/wp-content\/uploads\/2025\/01\/NjNjNi5qcGc-1.jpg","datePublished":"2025-01-17T05:25:43+00:00","dateModified":"2026-04-06T09:43:22+00:00","breadcrumb":{"@id":"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/#breadcrumb"},"inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/"]}]},{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/#primaryimage","url":"https:\/\/www.cyberark.com\/wp-content\/uploads\/2025\/01\/NjNjNi5qcGc-1.jpg","contentUrl":"https:\/\/www.cyberark.com\/wp-content\/uploads\/2025\/01\/NjNjNi5qcGc-1.jpg","width":1400,"height":1400},{"@type":"BreadcrumbList","@id":"https:\/\/www.cyberark.com\/podcasts\/ep-69-cloudy-with-a-100-chance-of-secrets-decoding-secrets-management-in-the-cloud\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.cyberark.com\/"},{"@type":"ListItem","position":2,"name":"EP 69 &#8211; Cloudy with a 100% Chance of Secrets: Decoding Secrets Management in the Cloud"}]},{"@type":"WebSite","@id":"https:\/\/www.cyberark.com\/#website","url":"https:\/\/www.cyberark.com\/","name":"CyberArk","description":"","publisher":{"@id":"https:\/\/www.cyberark.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.cyberark.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"es"},{"@type":"Organization","@id":"https:\/\/www.cyberark.com\/#organization","name":"CyberArk Software","url":"https:\/\/www.cyberark.com\/","logo":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/www.cyberark.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.cyberark.com\/wp-content\/uploads\/2021\/02\/cyberark-logo-dark.svg","contentUrl":"https:\/\/www.cyberark.com\/wp-content\/uploads\/2021\/02\/cyberark-logo-dark.svg","width":"1024","height":"1024","caption":"CyberArk Software"},"image":{"@id":"https:\/\/www.cyberark.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/CyberArk\/","https:\/\/x.com\/CyberArk","https:\/\/www.linkedin.com\/company\/cyber-ark-software\/"]}]}},"_links":{"self":[{"href":"https:\/\/www.cyberark.com\/es\/wp-json\/wp\/v2\/podcast\/201641","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cyberark.com\/es\/wp-json\/wp\/v2\/podcast"}],"about":[{"href":"https:\/\/www.cyberark.com\/es\/wp-json\/wp\/v2\/types\/podcast"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.cyberark.com\/es\/wp-json\/wp\/v2\/media\/213864"}],"wp:attachment":[{"href":"https:\/\/www.cyberark.com\/es\/wp-json\/wp\/v2\/media?parent=201641"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}