Secret management overview

This is an overview of how Onboardbase helps startups create secure devops workflows to protect their secrets and data.

Secrets represent sensitive environment variables you need to protect at all costs―passwords, API keys, tokens, etc. But the reality is that most businesses aren't ready:

• Data breaches caused by stolen credentials are alarmingly common and take months to notice.
• Phishing attacks account for 37% of all cyberattacks.
• Many cyber attacks succeed due to simple human errors that could have been prevented with proper preparation and awareness.

If you're reading this doc page, you're already aware this is a big problem for startups that usually require huge investments to get right. Onboardbase addresses all the challenges involved in secret management:

• Secret vault storage - Securely storing secrets with encryption => See End-to-end encryption guide
• Secret distribution & delivery - Secrets need to be delivered securely to applications or users that require them. => See Sharing secrets guide
• Monitoring & alerting - Monitoring secret access and usage to detect unauthorized access or misuse of sensitive data. => See Secret monitoring guide

The only thing Onboardbase doesn't take care of (yet) is secret generation. You only need to generate secrets from third-party services and add them to your Onboardbase project.