Ruby Rogues
Secrets Management Best Practices and Tools - RUBY 655
Brian Vallelunga
Because it's so easy these days for, like, one dependency that nobody's cared about for 10 years to just get bought for, like, a couple hundred bucks, and then someone pushes an update for it, and all the other dependencies haven't frozen on that older version, and so now all these dependencies get that update, which means you get the update, and that update has malicious code in it. And that's, like, a very common, like, paradigm for attack these days.