Secrets and their role in infrastructure security - Jawahar Sivasankaran, Chas Clawson, Sergey Gorbaty, Fernando Medrano - ESW #406

Segment 1 - Secrets and their role in infrastructure security

From API keys and tokens to environment variables and credentials, secrets are foundational—and often overlooked—attack surfaces in cloud-native and distributed systems. We break down the risks tied to poor secret hygiene, discuss emerging patterns for secure secret management at scale, and shares insights on integrating secrets management into systems design.

This segment is sponsored by Fastly. Visit https://securityweekly.com/fastly to learn more about them!

Segment 2 - Weekly Enterprise News

In this week's enterprise security news, we have:

1. Funding, mostly focused on identity security and 'secure-by-design'
2. Palo Alto acquires one of the more mature AI security startups, Protect AI
3. LimaCharlie is first with a cybersecurity-focused MCP offering
4. Meta releases a ton of open source AI security tooling, including LlamaFirewall
5. Exploring the state of AI in the SOC
6. The first research on whether AI is replacing jobs is out
7. Some CEOs are requiring employees to be more productive with AI
8. Are prompts the new IOCs?
9. Are puppies the new booth babes?
10. We get closure on two previous stories we covered:
    1. one about an ex-Disney employee,
    2. and one about a tiny dog

Segment 3 - Executive Interviews from RSAC

CYWARE The legacy SecOps market is getting disrupted. The traditional way of ingesting large troves of data, analysis and actioning is not efficient today. Customers and the market are moving towards a more threat centric approach to effectively solve their security operations challenges.

1. CERT Water Management Case Study
2. Cybersecurity Alert Fatigue! How Threat Intelligence Can Turn Data Overload Into Actionable Insights Blog
3. Frost & Sullivan's 2024 Threat Intelligence Platform Radar Report
4. 2025 TIP Buyer's Guide

This segment is sponsored by Cyware. Visit https://securityweekly.com/cywarersac to request a demo!

SUMOLOGIC Intelligent SecOps is more than a buzzword—it's a blueprint for modernizing security operations through real-time analytics, contextual threat intelligence, and AI-powered automation. In this segment, Sumo Logic's Field CTO Chas Clawson explains how SOC teams can accelerate detection and response, cut through alert noise, and improve security outcomes by fusing AI-driven automation with human context and expertise. He also shares the latest security capabilities Sumo Logic announced at the RSA Conference to help organizations build and operate Intelligent SecOps.

• Press Release: Sumo Logic Unifies Security to Deliver Intelligent Security Operations
• Blog: RSAC 2025 Intelligent Security Operations
• Brief: Sumo Logic Threat Intelligence
• Chas Blog: Cloudy with a chance of breach: advanced threat hunting strategies for a hyperconnected and SaaSy world
• LinkedIn Live: Implications of AI in a modern defense strategy

This segment is sponsored by Sumo Logic. Visit https://securityweekly.com/sumologicrsac to learn more about them!

Show Notes: https://securityweekly.com/esw-406