Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Lacks end-to-end encryption #470

Open
gedw99 opened this issue Nov 26, 2024 · 1 comment
Open

Lacks end-to-end encryption #470

gedw99 opened this issue Nov 26, 2024 · 1 comment

Comments

@gedw99
Copy link

gedw99 commented Nov 26, 2024

This is Doppler's most significant drawback, and it's a big one.

If Doppler is compromised, whether by an outside attacker, a rogue insider, or one of the third-party sub-processors that Doppler trusts with access to its front-end dashboard or back-end systems, then all of your secrets are likely to be compromised.
@watsonian
Copy link
Contributor

@gedw99 Thanks for writing in about this! Security is something that we take very seriously at Doppler and we want to be clear about both the benefits and risks that our users take on when using our tools. Our security team is working on a response that we’ll post here and add to our Security Fact Sheet.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@watsonian @gedw99