How WRITER Redesigned Secrets Management to Build Secure AI Agents

WRITER is where the world’s leading enterprises orchestrate AI-powered work. With WRITER's end-to-end platform, teams can build, activate, and supervise AI agents that are grounded in their company’s data and fueled by WRITER's enterprise-grade LLMs. From faster product launches to deeper financial research to better clinical trials, companies are quickly transforming their most important business processes for the AI era in partnership with WRITER.

Founded in 2020, WRITER delivers unmatched ROI for hundreds of customers like Accenture, Mars, Marriott, Uber, and Vanguard and is backed by investors including Premji Invest, Radical Ventures, ICONIQ Growth, Insight Partners, Balderton, B Capital, Salesforce Ventures, Adobe Ventures, Citi Ventures, IBM Ventures, and others. 

Key challenges included:

As WRITER’s platform and customer base grew, so did the complexity of its infrastructure. Secrets were managed across multiple tools including GitHub, SOPS, AWS, GCP, and 1Password, each with its own access model, policies, and audit trail.

While this approach worked early on, it made it harder to maintain consistent visibility, governance, and auditability at scale. For an enterprise-focused company operating in highly regulated environments, WRITER wanted a more centralized and standardized approach to secrets management. As a result, addressing secrets management became a top internal priority. 

WRITER needed to eliminate secret sprawl without slowing development or forcing teams to change how they worked. The goal was to centralize secrets across clouds and tools, reduce security risk, and make enterprise security reviews easier to pass.

They implemented Infisical as a single secrets management platform, consolidating secrets from GitHub, SOPS, AWS, GCP, and 1Password into one system. The team first validated the approach using Infisical’s open-source product, then expanded to the enterprise platform to support SSO, SCIM provisioning, and stronger governance. The deployment fit cleanly into their multi-cloud architecture and supported both single-tenant and multi-tenant environments.

Implementation focused on removing risk at the infrastructure level, not rewriting workflows. GitOps processes remained intact, but manual decryption steps were replaced with runtime access in CI/CD pipelines. Secrets are now available only when needed and tied to verified workloads instead of long-lived credentials.

Infisical stood out because it addressed the problem directly, providing centralized control and visibility without adding operational overhead. The platform delivered:

After implementation, WRITER eliminated the secret sprawl created by disparate systems and removed a significant source of friction from its development and deployment workflows. Secrets are now managed through a single platform with consistent controls and clear audit trails.

Key outcomes include:

“Infisical removed a lot of the day-to-day overhead around secrets management. With it integrated into our existing workflows, engineers now spend less time wiring things together and more time focused on building and operating the platform,” said Ben Paradis, Principal Security Engineer at WRITER.

By consolidating secrets management, WRITER established an enterprise-ready security posture suited for regulated and high-trust environments.

By eliminating secret sprawl, WRITER turned a high-priority security risk into a foundation for enterprise growth. Centralized secrets, identity-based access, and full auditability gave their security and platform teams the confidence to move forward with large, regulated customers, without slowing engineering or changing workflows.

If your organization is facing similar challenges with fragmented secrets, complex CI/CD environments, or growing scrutiny from enterprise and federal buyers, Infisical can help.

Learn how Infisical helps security and platform teams centralize secrets, reduce risk, and move faster with confidence. Contact us today.