Secrets Management

Last reviewed May 28, 2026 Content v20260528
Track mode: none. Means: Read / quiz. Reading: ~1 min. Level: intermediate.

This lesson

This lesson teaches Secrets Management: security mindset, common threats, and defensive practices for software teams.

Leaked API keys in git remain a top incident cause—secrets hygiene is daily work.

You will apply Secrets Management in contexts like: Web apps, APIs, CI/CD, and organizational compliance programs.

Read scenario-based lessons, map controls to code you write on other tracks, and complete MCQs—practice threat modeling on paper or in docs.

When you can explain the previous lesson's ideas in your own words.

API keys, DB passwords, and TLS private keys are secrets: never put them in git, screenshots, or client-side mobile apps.

Storage

Keep secrets in a secret manager (AWS Secrets Manager, HashiCorp Vault, Doppler) and expose them to the application as environment variables, injected at runtime in CI/CD.

Rotation

Rotate after staff departures and suspected leaks; automate where possible.

Client apps

Mobile apps and SPAs cannot hide embedded keys; use a backend proxy for third-party APIs.

Important interview questions and answers

  1. Q: .env in git?
    A: Historic breach vector—use git-secrets scanning.
  2. Q: 12-factor config?
    A: Store config in environment, not code.
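
A small pre-commit style scanner for the `.env`-in-git case above, as an added example (not part of the lesson and not the git-secrets tool itself). The rule set, the `MIN_ENTROPY` threshold and the sample file are assumptions constructed for illustration.

```python
import math
import re

# Rules: (name, compiled pattern). Group "v", when present, is the candidate value.
RULES = [
    ("aws-access-key-id", re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")),
    ("private-key-block", re.compile(r"-----BEGIN (?:[A-Z]+ )*PRIVATE KEY-----")),
    ("secret-assignment", re.compile(
        r"(?i)\b[\w.-]*(?:secret|passw(?:or)?d|token|api_?key)[\w.-]*\s*[:=]\s*"
        r"['\"]?(?P<v>[^\s'\"]{8,})")),
]
MIN_ENTROPY = 3.0  # bits per character; assumed threshold, tune per repository


def entropy(s):
    """Shannon entropy in bits per character."""
    return -sum(s.count(c) / len(s) * math.log2(s.count(c) / len(s)) for c in set(s))


def scan(path, text):
    """Return [(path, line_no, rule)] for lines that look like committed secrets."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        for name, rx in RULES:
            m = rx.search(line)
            if not m:
                continue
            value = m.groupdict().get("v")
            # Skip references and placeholders such as ${DB_PASSWORD} or xxxxxxxx.
            if value is not None and (value.startswith(("$", "<")) or entropy(value) < MIN_ENTROPY):
                continue
            findings.append((path, no, name))
            break  # one finding per line is enough to block the commit
    return findings


# Constructed sample: a .env file as it might be staged by mistake.
SAMPLE_ENV = """\
APP_ENV=production
DB_PASSWORD=${DB_PASSWORD}
API_TOKEN=xxxxxxxxxxxx
PAYMENTS_API_KEY=q7Zp2LmX9vRt4KcW8sYb
AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
"""

if __name__ == "__main__":
    for path, no, rule in scan(".env", SAMPLE_ENV):
        print(f"{path}:{no}: possible secret ({rule})")  # never echo the value itself
```

The report prints only the file, line and rule, so running the check in CI does not copy the secret into the build log.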

Self-check

  1. Where should production DB password live?
  2. Why can't SPA hide API keys?

Pitfall: secrets leaking into CI logs. Mask outputs and use OIDC to authenticate to cloud roles.

Interview prep

Secrets in git?

Never—use secret manager and scanning.

Interview tip

Can you explain this lesson in 30 seconds without reading notes?
