Today, when we talk about security in information systems, the most expected topic is the protection of sensitive data between different components of the system. This sensitive data that needs to be protected includes server access passwords, database connections, API authentication tokens, and application user accounts. Indeed, many security attacks occur because this type of data is decrypted in the source code of applications or in poorly protected files that are exposed to local workstations. There are many known tools that can be used to secure this sensitive data, such as these:
- KeyPass (https://keepass.info/)
- LastPass (https://www.lastpass.com/)
- Ansible Vault, the use of which we discussed Chapter 3, Using Ansible for Configuring IaaS Infrastructure
- Vault from HashiCorp
Also, cloud providers offer secret protection services...