Name: Secret Management & Safeguarding Your Product Data with Brian Vallelunga, Founder and CEO of Doppler
Uploaded: 2024-10-08T05:00:10.000Z
Duration: 4703
Description: If you've worked closely with a product team, chances are that secret management has been a topic that you've had to wrangle with at some point. Either because...

If you've worked closely with a product team, chances are that secret management has been a topic that you've had to wrangle with at some point. Either because your development or deployment teams don't have access to the right secrets, and that slows down how quickly you can get your code to production or worse because your secrets were exposed to the public and put your data and your customer's data at risk through a data breach.

In this episode of the Convergence Podcast, Ashok welcomes Brian Vallelunga, CEO of Doppler, to discuss the too-often overlooked topic of secret management in software development.

Before founding Doppler in 2018, Brian was a lead engineer at Uber, where he worked on special projects for the C-suite. Doppler is a secret office platform backed by industry heavy hitting venture capitalists like CRV, Google Ventures, Sequoia, Greylock, Kleiner Perkins and they're also a Y Combinator company.

Brian shares insights on why development teams frequently struggle with managing secrets like API keys and database credentials, and he explains the far-reaching consequences of poor product security—ranging from data breaches to production slowdowns. Brian also discusses the importance of proactively training teams and developing secure workflows, providing real-life examples of high-profile data breaches at companies like Twitter and Toyota.

Brian outlines 4 essential questions executives and senior engineers should ask to safeguard their systems. From developing playbooks for responding to breaches to ensuring secret rotation, this episode is packed with actionable advice for both technical and non-technical leaders.
Unlock the full potential of your product team with Integral's player coaches, experts in lean, human-centered design. Visit integral.io/convergence for a free Product Success Lab workshop to gain clarity and confidence in tackling any product design or engineering challenge.

Inside the episode...
What secrets are and why they are critical in software development
The challenges of secret management for both small startups and large companies
High-profile data breaches at Twitter and Toyota and how they happened
Key questions every executive and engineer should ask about secret management
Proactive steps to train your team and secure your codebase
How to clean up exposed secrets and prevent future mistakes
Best practices for rotating secrets and monitoring security

Mentioned in this episode
Doppler (Secret management platform)
AWS Secrets Manager
Google Cloud Platform (GCP) Secrets Manager
HashiCorp Vault
Toyota and Twitter data breaches

Subscribe to the Convergence podcast wherever you get podcasts including video episodes to get updated on the other crucial conversations that we'll post on YouTube at youtube.com/@ConvergenceFMPodcast

Learn something? Give us a 5 star review and like the podcast on YouTube. It's how we grow.

Follow the Pod
Linkedin: https://www.linkedin.com/company/convergence-podcast/
X: https://twitter.com/podconvergence
Instagram: @podconvergence