Brian Vallelunga
Podcast Appearances
If it has a secret in it, even in the history, it will get found and start getting exploited. So it's very quick. It's insanely quick. And then... The other side of it is now that they have access to your AWS, they can start scanning all your resources. Okay, what execution environments are set up? What databases are set up? Can I get access to those databases? How privileged is this credential?
And you start having this ripple effect where it's like, oh my gosh. Now, especially if it has like strong super admin permissions, it can start creating other credentials. And now you have this like cat and mouse game of like, how do I get out of the system? Could it lock me out of the system? Are there back doors it's placing in? So even if we remove it, it's still actually there, right?
It gets scary really quickly. Once they get into the system, it's very, very hard to get them out.
Based on the data that we have from Doppler, we can't see customer secrets at all, but we can get an auto report of the names of the secrets they use if they give us that permission. And from the data we have, it's like 90% of the sensitive secrets that we put in Doppler and customers have an ability to say, this is sensitive or this is not, is actually like access tokens.
So it's not encryption tokens. Um, so it's like, if you get that Stripe key, you have it all. Like you have every customer's credit card and bank account in there. There's no extra layer of protection.
Agreed. I do think that the world is changing. It's just going to be very, very slow. So like you can see this in passwords today where we're going from passwords to passkeys. So anyone familiar with passkeys, it's basically like you can sign into a website with like your face or Touch ID and you never had to put in a password. It's a passwordless world.
And the way that's working is through cryptography. You have like a fingerprint that leads to a cryptographic signature that can be used to authenticate yourself. And that thing that's happening in passwords is now starting to happen in secrets with identity-based authentication.
And so like the kind of picture that we can start to see happening very, very slowly in like Doppler's job is to like help move this along, help move the industry along is to have like this bridge of connection. So like on one side, you have like your AWS GCP execution environment, and that has an identity already today. And then you can pair that with Doppler.
And now you're authentic by the fact that you're in that EC2 instance or you are now automatically authenticated to Doppler. And then eventually Doppler will have the connection of now that you're authenticated with Doppler, you're automatically authenticated to Stripe. There's no more API key needed.
We are all cryptographically authorizing each other across this chain or this highway of authentication. And that's kind of like the dream state that we're going to be getting to over the next couple of years. It's going to take a lot of work of working with partners, but you don't have to convince Stripe, Twilio and so many other providers to enable this.