New Blog | Secrets scanning for Cloud deployments

By Shahar Bahat

 

Over the past year, our CNAPP solution has gone through progressive enhancements, particularly around secret management. It all began with the ability to identify various secret types across virtual machines (VMs). Subsequently, we expanded our focus to include a wide range of metadata associated with these secrets, providing valuable context. 

Today, we are excited to unveil a new capability in Public Preview: Secrets scanning for cloud deployments! Covering Azure and AWS during Public Preview, this capability marks an important step in our commitment to providing a holistic secret management solution across various resource types and different stages of software development lifecycle (SDLC).  

 

What is a Cloud deployment? 

Cloud deployments refer to the process of deploying and managing resources on cloud providers like AWS and Azure using tools such as AWS CloudFormation stack and Azure Resource Manager templates. This approach streamlines infrastructure management and enhances scalability and consistency in cloud environments. 
In one sentence – a cloud deployment is an instance of IaC template. 

 
Each cloud provider exposes an API to query for historical deployments.  
When querying AWS or Azure APIs for cloud deployment resources, you can typically retrieve the deployment metadata. Such as the deployed template, deployment parameters, deployment output and tags. 

 

Read the full post here: Secrets scanning for Cloud deployments