Assume database credentials have leaked: Dynamic credentials...

Date: 2016-09-14
Time: 15:30 - 16:20
Room: Ft. Worth 1
Level: Intermediate

In a dynamic infrastructure world, let's stop pretending credentials aren't public knowledge in an organization and just assume that they already have, now what? This security focused talk will include:

) A demo of a dynamic credential system integrating applications and PostgreSQL administrators with Vault ( ) A discussion of various risks and assessment for organizations who want to audit access to their databases ) Sample integration with .pgpass for administrators and developers ) Sample integration with applications that read their DB credentials from files and environment variables ) Various Best Practices tips and suggestions ) Q&A

Configs and examples will be available.


Sean Chittenden