What is Secret?

A secret is a confidential value used by an application such as database credential, API key, or other configuration. In most cases, secrets allow applications to access systems and control how they behave across the development cycle — for example, an application might use a database password stored in an environment variable like DB_PASSWORD to connect to production data. These secrets must be kept secure to protect infrastructure and data.

What is Secrets Management?

As infrastructure scales and systems become more distributed, secrets sprawl. Without consistent security practices, secrets get hardcoded in source code, exposed in environment variables, left unrotated for long periods, and scattered across systems without clear visibility into who can access them. To solve secret sprawl, organizations rely on secrets management: the practice of centralizing secrets and managing them through well-defined workflows. This includes secure storage, fine-grained access controls, automatic rotation, audit logging, and support for dynamic, short-lived credentials. A consistent approach makes it easier to keep secrets safe, reduce risk, and operate reliably across environments.