Secrets Management: How to (not) help the person who hacks your servers get your data
Where do you store your credentials and secrets? In .env files or in environment variables, or even worse, in config files? Are your primary AWS keys shared amongst developers? Do you still have SSH keys from former employees on your servers?