Blackbox is a GPG secret management tool and asymmetric encryption wrapper used to securely store and share sensitive files within version control systems like Git, Mercurial, or Subversion. It functions as a version control secret store that encrypts files for safe storage at rest while allowing authorized users and machines to decrypt them. The system distinguishes itself by integrating directly with version control to provide plaintext diff and log visualization of encrypted files. It supports multi-recipient encryption and automated secret decryption via passphrase-less GPG subkeys, enabl
Sealed Secrets is a Kubernetes secret encryption tool and controller designed for GitOps security. It provides a mechanism to encrypt sensitive data into specialized resources that can be safely stored in public version control systems and decrypted only within a cluster. The system uses an asymmetric encryption manager to seal secrets with a public key, ensuring that only the corresponding private key held within the cluster can unseal them. It includes utilities for security key rotation, secret re-encryption, and offline private key recovery to maintain data access during disaster recovery
git-crypt is a transparent cryptography layer and secret manager for Git repositories. It encrypts specific files so they remain as ciphertext on remote servers while appearing as plaintext in local directories. The tool uses Git attributes to define the scope of files and directories targeted for encryption. It supports both symmetric secret key encryption for shared access and asymmetric public key encryption to control decryption permissions among multiple collaborators. The system automates the encryption and decryption process through hook-based filters that trigger during commit and ch
Infisical is a centralized secrets management platform designed to store, synchronize, and control access to sensitive credentials and configuration data across distributed development, staging, and production environments. It employs client-side encryption to ensure that secrets remain unreadable to the underlying storage infrastructure, while providing a hierarchical permission model to govern both user and machine access. The platform distinguishes itself through dynamic credential provisioning, which generates short-lived access tokens that are automatically revoked after use. It supports
Sops is a secrets encryption tool designed to encrypt and decrypt sensitive values within configuration files. It functions as a manager for secrets that integrates with cloud key vaults and PGP keys to secure data stored in version-controlled files.
Principalele funcționalități ale mozilla/sops sunt: Structure-Preserving, Cloud Secret Managers, Configuration Encryption, External Key Integration, GitOps Secret Management, Cloud KMS Integrations, Key Management Services, Secret Configuration Management.
Alternativele open-source pentru mozilla/sops includ: stackexchange/blackbox — Blackbox is a GPG secret management tool and asymmetric encryption wrapper used to securely store and share sensitive… bitnami-labs/sealed-secrets — Sealed Secrets is a Kubernetes secret encryption tool and controller designed for GitOps security. It provides a… agwa/git-crypt — git-crypt is a transparent cryptography layer and secret manager for Git repositories. It encrypts specific files so… infisical/infisical — Infisical is a centralized secrets management platform designed to store, synchronize, and control access to sensitive… gopasspw/gopass — gopass is a terminal-based password manager and GPG secret store used for generating, storing, and retrieving… hashicorp/boundary — Boundary is an identity-aware access proxy and privileged access management tool. It brokers secure network…