Talk to any security-savvy software development leaders and they’ll probably share some version of the same overarching goal; transforming their team to a DevSecOps model, where security is built into the development, deployment and management of applications. But converting developers and their processes into a secure coding culture doesn't happen overnight. In this panel discussion, Dark Reading editors and our very own Uzi Ailon, VP of DevSecOps will explain how to create a DevSecOps strategy and program that ensures the production of more secure software.
Recommended for You
1:56The Drawing Board Session 5: Secure Access for Any Type of Workload
Learn how to secure access for diverse workloads across cloud, on-premises, and edge environments using a unified identity model. The video explains how SPIFFE provides cryptographically verifiable
1:55The Drawing Board Session 4: Where are your Secrets
Learn how to combat secret sprawl by identifying hardcoded credentials hidden in pipelines, source code, and configuration files. This video explores how discovery tools provide the necessary context
1:56The Drawing Board Session 3: SPIFFE- Aware Applications
Learn how SPIFFE-aware applications replace risky, hard-coded secrets with cryptographically verifiable identities automatically delivered at runtime.
2:13The Drawing Board Session 2: Demystifying SPIFFE
Discover how SPIFFE provides a vendor-neutral specification to transform workload identity security by replacing high-risk, hard-coded secrets with unique cryptographic identities.
2:26The Drawing Board Session 1: Workload Identity 101
Join Emma Talpey and Joe Garcia in this episode of "The Drawing Board" as they dive into Workload Identity 101. Learn how to move away from risky, hard-coded secrets and toward a more secure
47:23Secrets Management Horror Stories from the Field: Four Compliance Pitfalls Organizations Can't Ignore
DORA, NIS2, and the UK's CAF v4.0 are all converging on the same uncomfortable question: \"Can you prove which machines accessed what resources, when, and why?\" For most organizations
Encova Unifies Cloud Secrets to Improve Security and Cut Audit Cycles from Weeks to Hours with AWS and CyberArk
Learn how Encova Insurance unified secrets governance across vaults with AWS Partner CyberArk to streamline audits, strengthen security, and support cloud-first development.
1:00:59Multi-Cloud, One Mission: Securing Secrets in 2026 — Key Insights and Trends
Secrets are exploding across clouds. Learn how to discover, control, and eliminate secrets in 2026 with modern workload identity and CyberArk.
2025 Frost and Sullivan Key and Secrets Management Report
See why Frost & Sullivan gave CyberArk the highest score on the Growth Index in their 2025 Key and Secrets Management report.
1:08Tame the Vault Sprawl: Bring All Your Secrets Under Control in 60 Seconds
Centralize scattered vaults and stop secret sprawl. CyberArk Secrets Hub unifies visibility, enforces policy, automates rotation, and keeps you audit-ready.
35:04Secrets Management Horror Stories from the Field: Four Security Pitfalls to Avoid
Learn why centralizing secrets strengthens governance and hear real-world horror stories with field-tested fixes—without disrupting your developers.
46:08The Future of Enterprise Secrets Management – As The Challenges Grow, How Are Security Teams Keeping Up?
In the fast-moving world of DevOps, cloud, and machine identities, secrets are everywhere—and attackers know it.
You can’t secure what you can’t see
As machine identities multiply and vaults sprawl across clouds, visibility becomes your biggest vulnerability.
28:32Eliminating Vault Sprawl: Centralized Secrets Management Across AWS, Azure, GCP and HashiCorp Vault
Join CyberArk experts Uzi (VP, Machine Identity Solutions) and Darren (Senior Product Manager) to learn how to eliminate secrets vault sprawl and unify governance across your organization.
Keeping Secrets Under Control and Secure
Cloud growth has fueled an explosion of machine identities and secrets—often scattered across multiple AWS accounts and unmanaged vaults. The result: vault sprawl, blind spots, and rising compliance
Three Critical Use Cases for Enterprise Secrets Management
The explosion of machine identities—outnumbering human users by more than 80:1—has created new security challenges for enterprises.
Managed Identities: A Practical Guide to Eliminating Static Secrets
As cloud-native architectures and microservices expand, machine identities now vastly outnumber human ones, creating a growing security challenge. Traditional static secrets like API keys, passwords,
Why secret sprawl may be your biggest security threat (and how to help fix it)
Picture this: You’re having your morning coffee when your phone buzzes with the kind of alert that makes security professionals break into a cold sweat. A single API key, leaked on GitHub months...
A CISO’s guide to post-quantum readiness: How to build crypto agility now
The quantum threat isn’t theoretical—it’s operational. Quantum computing is rapidly shifting from research to reality, forcing chief information security officers (CISOs) to rethink cryptography,...
Identity Security Imperative for Machines
This excerpt from the Identity Security Imperative explores how to secure rapidly growing machine identities with intelligent controls—without slowing innovation.
