by nyell on 10/21/24, 2:44 AM with 1 comments
by nyell on 10/21/24, 2:44 AM
It is easy for developers to place their database credentials in a `.env` file for local testing and accidentally commit them to a version control system.
Even not committed, storing credentials as plain text is a risk as per MITRE ATT&CK Framework: credential access.
Whispr helps you store nothing locally and provides on-demand, Just In Time (JIT) secret access for applications. It supports AWS, Azure and GCP secret vaults.
Best part is no bash scripts nor CLI commands required. The tool is language & application agnostic.