2026-02-03, 16:50–17:40, B.1.031
Secrets are everywhere in modern infrastructure - API keys, credentials, tokens, certificates - but what exactly qualifies as a "secret"? What are static and dynamic secrets? How do they behave?
This talk begins by defining the term itself and mapping out where secrets typically appear across systems, environments, and workflows.
We’ll dive into the distinction between static and dynamic secrets, examining whether the difference is technical, operational, or even philosophical.
Within a live demo, we’ll explore how secrets behave in practice, how they’re provisioned and rotated, and what implications they have for security and operations.
This session aims to clarify terminology, challenge assumptions, and help attendees make informed decisions about how they handle secrets in their own environments.
Demo Tech Stack: OpenBao, Keycloak, PostgreSQL, OpenSSH
Leon Krass works as Technical Leader for HashiCorp Vault at SVA System Vertrieb Alexander GmbH. In his role, he consults clients from the private and public sectors on various infrastructural and architectural topics. His favorite solutions to achieve infrastructure automation and standardization include Vault, Terraform, Ansible and Kubernetes.