Overview

The Secretless Broker is a connection broker that relieves client applications of the need to handle secrets directly. When an application requires access to a Target Service such as a database, web service, SSH connection, or any other TCP-based service, rather than connecting to the Target Service directly it can connect to the local Secretless Broker without credentials. The Secretless Broker can be configured to retrieve credentials for each connection from any of several credential stores and inject those credentials into the connection request. Once the connection is made, the Secretless Broker seamlessly streams the connection between the client and the Target Service. The Secretless Broker can coordinate connections to multiple Target Services in parallel.
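As an added illustration of the flow described above (this is example configuration, not taken from the project's documentation), the following Secretless Broker configuration assumes the v2 config format, a PostgreSQL Target Service, and placeholder hostnames and secret paths:

```yaml
# Added example (not from the project's docs); assumes the v2 configuration
# format, a PostgreSQL Target Service, and placeholder host/secret names.
version: "2"
services:
  # The application connects to this local listener with NO credentials,
  # e.g.  psql "host=127.0.0.1 port=5432 dbname=app sslmode=disable"
  app-postgres:
    connector: pg
    listenOn: tcp://127.0.0.1:5432
    credentials:
      # Where the real Target Service lives (placeholder hostname).
      host: postgres.internal.example
      port: 5432
      # Require TLS from the broker to the Target Service; the hop from the
      # application to the broker stays on the loopback interface.
      sslmode: require
      # The username and password are fetched by the broker and injected into
      # the PostgreSQL authentication handshake; the application never sees them.
      # The secret paths below are placeholders for whatever the vault holds.
      username:
        from: conjur
        get: apps/app/postgres/username
      password:
        from: conjur
        get: apps/app/postgres/password
```

Binding the listener to the loopback address keeps the credential-free hop reachable only from processes on the same host (or the same pod), so the broker rather than the network becomes the boundary around the secret.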

Why Secretless?

The Secretless Broker solves two problems.

First, it prevents the loss or theft of credentials from applications and services, which occurs through:

Problem                              Description
Accidental credential leakage        For example, when credentials are written to a log file or checked into source control
An attack on a privileged user       For example, phishing or compromise of a developer's machine
A vulnerability in an application    For example, remote code execution or an environment variable dump

Second, the Secretless Broker manages how applications interact with secrets vaults. The Secretless Broker eliminates the need to modify code to fetch requested credentials, and the time spent implementing and maintaining connections to vaults, time that is better spent delivering business value.

Prevent Credential Loss and Theft

Keeping secrets in a vault is a good practice. However, when a client “checks out” a secret from a vault, where does it go? Often, directly into unprotected application memory, at which point that client app has become part of the threat surface. An organization can impose stringent best practices and recommendations on every user and every application that checks secrets out of a vault; however, even if you harden the app in every possible way, that does not guarantee against 0-day vulnerabilities in the app, the underlying framework, or the programming language used.

It can be a losing battle to train every user and application developer in how to safely handle a secret once it has been obtained, even if you can mitigate all of the attack surfaces of the client app itself. There are so many things that can go wrong, and people (and applications) are better off spending the time writing features instead of trying to be security engineers.

Focus on adding business value

The Secretless Broker is written specifically to be very good at interacting with a variety of vaults, abstracting the security away into a specialized module that can easily be audited and extended with custom plugins. It secures any secrets it obtains from a vault, and it does so the same way regardless of developer, technology, or platform.

Solution benefits

  • The client does not have to know how to fetch credentials

    The client/app no longer has to interact directly with a secrets vault, and no code must be changed to fetch credentials before opening a connection. If the vault used changes when the environment or platform changes, no changes in code are required, thus reducing the probability of human error and bugs.

  • The client is not part of the threat surface

    The client/app no longer has direct access to the password, and therefore cannot reveal it.

  • The client doesn’t have to know how to properly manage secrets

    Handling secrets safely involves some complexities, and when every application needs to know how to handle secrets, accidents happen. The Secretless Broker centralizes the client-side management of secrets into one code base, making it easier for developers to focus on delivering features.

Learn more
