Talk
Intermediate
First Talk

Securing Secrets from Dev to Deployment without a backend

Rejected

Session Description

SLV (Secure Local Vault) bridges the gap between local developer environments and secure CI/CD pipelines by offering a lightweight, CLI-first tool for managing secrets without relying on centralized, cloud-hosted secrets managers. This talk will demonstrate how sensitive credentials can leak across development to production workflows and how SLV prevents this through isolated, encrypted vaults, ephemeral secrets injection, and audit-friendly flows. With real-world attack paths as context, we will show how SLV hardens secrets handling from the first line of code to final deployment.

Key Takeaways

  • SLV is a CLI tool written in Go for secure secrets management from dev machines to deployment environments using envelope encryption techniques.

  • Secrets are stored in isolated vaults with zero-knowledge encryption with support for easy key rotation.

  • Integrates with Git, Docker, and Kubernetes to inject secrets at runtime without leaving plaintext traces.

  • Supports pluggable backends (e.g., AWS KMS and GCP KMS).

  • Designed to work offline with full CLI and shell injection workflows.

  • Comes with GitHub Actions support and secure bootstrap scripts for easier dev onboarding.

References

https://slv.sh

Session Categories

Introducing a FOSS project or a new version of a popular project
Which track are you applying for?
Main track

Speakers

Shibly Meeran
Senior Manager - Security Engineering Amagi Media Labs
https://github.com/shibme
Shibly Meeran
Keshav Kandasamy
Lead Security Engineer Amagi Media Labs
https://github.com/keshavk2
Keshav Kandasamy

Reviews

66 %
Approvability
2
Approvals
1
Rejections
0
Not Sure

I'm sold on the title itself. Looking forward to the talk. Suggestion: Please add more details and references (slides/codes)

Reviewer #1
Approved

The credential leakage from diverse environment/workflows is a challenge to be addressed. The speakers may also compare the solution with other existing open source ones, specially on parameters like light-weight, compute etc.

Reviewer #2
Approved

Thank you for submitting your proposal for IndiaFOSS 2025. Your submission was well-received and progressed to our final review stages.

Unfortunately, due to the high volume of excellent proposals this year, we were unable to select your talk for the final program. We appreciate the effort you put into your submission and encourage you to apply again for future events.

Reviewer #3
Rejected