A client found one of their API keys in a public error log. Tracing where that key actually lived took longer than fixing the leak — and revealed a secrets management problem nobody wanted to own.
- Published On
secrets management
Tags
consulting (41)debugging (16)architecture (14)developer-experience (14)reliability (11)observability (7)performance (7)ai (6)devops (6)code-quality (5)database (4)kubernetes (3)technical-debt (3)microservices (3)testing (3)engineering-culture (3)security (2)opentelemetry (2)monitoring (2)postgresql (2)productivity (2)ci-cd (2)tooling (2)javascript (2)postgres (2)goals (2)secrets-management (1)webhooks (1)infrastructure (1)resilience (1)containers (1)environments (1)queues (1)cloud (1)cost-optimization (1)orm (1)refactoring (1)on-call (1)alerting (1)incident-management (1)typescript (1)distributed-systems (1)caching (1)platform-engineering (1)dependencies (1)deployment (1)code-review (1)feature-flags (1)api (1)contracts (1)logging (1)mongodb (1)migration (1)workflow (1)nestjs (1)angular (1)sandbox (1)sonarcube (1)learning (1)journey (1)mdx (1)