open-kms
SecureStore
| open-kms | SecureStore | |
|---|---|---|
| 4 | 5 | |
| 35 | 89 | |
| - | - | |
| 3.7 | 6.0 | |
| 8 months ago | 2 months ago | |
| C# | C# | |
| Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
open-kms
-
Product Management at a privacy/security-oriented software company? How do you deal with data.
It sounds like you are talking about something that abstracts the users table. I would look at products like Basis Theory and their competitors. https://basistheory.com/
-
A brief rant on converging compliance regimes
Couple of random notes:
* Some environments might be able to use a structure where a PII table is fully tokenized while less-sensitive data is more broadly available to developers.
* Postgres can be configured with row/column-level security.
* I believe https://basistheory.com/ offers the per-user/entity key setup. This is an additional service/cost but the UI is slick and easy to provision/remove access to specific fields.
- Show HN: Open-Source KMS SDK
- Encrypt smarter, not harder: A new open source .NET KMS SDK
SecureStore
-
SecureStore VS dotenv-vault - a user suggested alternative
2 projects | 4 Nov 2023
-
appsettings.json secrets for local and for deployments
Have you looked into NeoSmart's SecureStore? It uses a versionable json file with encrypted strings as secrets, and can be unlocked via a password or a keyfile that you deploy to your application. I've used it before, and it's pretty easy to use and implement. https://github.com/neosmart/SecureStore
-
How do I put secrets in production build?
A similar but actually secure alternative to user secrets in-prod is using SecureStore: https://github.com/neosmart/SecureStore
-
.NET Framework 4.6.2 - Where to put environment variables
Have you looked into SecureStore (https://github.com/neosmart/SecureStore) for managing secrets? You can commit the json file to git, but you keep the key separate.
-
How do you store sensitive data in a production environment?
I tend to use secure store for this. https://github.com/neosmart/SecureStore. json file hold the encrypted stuff and I use a key file that goes out with deployment but never checked in. I can think of a thousand holes for all solutions. Most fall on how to you protect the key or the environment. At that point all is lost.
What are some alternatives?
Bitwarden - The core infrastructure backend (API, database, Docker, etc).
OkcAgent - A utility that makes OpenKeychain available in your Termux shell
Configuration.EncryptedJson - Appsettings configuration encrypter
Electron.NET - :electron: Build cross platform desktop apps with ASP.NET Core (Razor Pages, MVC, Blazor).
DiffieHellmanExample - Tutorial on how to use ECDiffieHellmanCng in combination with certificates to establish a trusted shared secret
Licensing.ActivationKeys - This free, open-source .NET library allows you to license your non-free applications through activation keys.
dotenv-vault - sync .env files—from the creator of `dotenv`.
SecurityDriven.Inferno - :white_check_mark: .NET crypto done right. Professionally audited.
encpass.sh - Lightweight solution for using encrypted passwords in shell scripts
infisical - ♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure and prevent secret leaks.