[{"data":1,"prerenderedAt":469},["ShallowReactive",2],{"/de-de/the-source/authors/jlongo":3,"footer-de-de":32,"the-source-banner-de-de":340,"the-source-navigation-de-de":352,"the-source-newsletter-de-de":379,"footer-source-/de-de/the-source/authors/jlongo/":390,"authors-de-de":400,"categories-de-de":430,"jlongo-articles-list-de-de":431},{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"config":8,"seo":10,"content":12,"type":23,"slug":24,"_id":25,"_type":26,"title":27,"_source":28,"_file":29,"_stem":30,"_extension":31},"/de-de/the-source/authors/jlongo","authors",false,"",{"layout":9},"the-source",{"title":11},"Joseph Longo",[13,21],{"componentName":14,"componentContent":15},"TheSourceAuthorHero",{"config":16,"name":11,"headshot":18},{"gitlabHandle":17},"jlongo_gitlab",{"altText":11,"config":19},{"src":20},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463434/uoxaknpmoposbbgzqji8.png",{"componentName":22},"TheSourceArticlesList","author","jlongo","content:de-de:the-source:authors:jlongo.yml","yaml","Jlongo","content","de-de/the-source/authors/jlongo.yml","de-de/the-source/authors/jlongo","yml",{"_path":33,"_dir":34,"_draft":6,"_partial":6,"_locale":7,"data":35,"_id":336,"_type":26,"title":337,"_source":28,"_file":338,"_stem":339,"_extension":31},"/shared/de-de/main-footer","de-de",{"text":36,"source":37,"edit":43,"contribute":48,"config":53,"items":58,"minimal":328},"Git ist eine Marke von Software Freedom Conservancy und unsere Verwendung von „GitLab“ erfolgt unter Lizenz.",{"text":38,"config":39},"Quelltext der Seite anzeigen",{"href":40,"dataGaName":41,"dataGaLocation":42},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":44,"config":45},"Diese Seite bearbeiten",{"href":46,"dataGaName":47,"dataGaLocation":42},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":49,"config":50},"Beteilige 
dich",{"href":51,"dataGaName":52,"dataGaLocation":42},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":54,"facebook":55,"youtube":56,"linkedin":57},"https://x.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[59,86,159,227,289],{"title":60,"links":61,"subMenu":67},"Plattform",[62],{"text":63,"config":64},"DevSecOps-Plattform",{"href":65,"dataGaName":66,"dataGaLocation":42},"/de-de/platform/","devsecops platform",[68],{"title":69,"links":70},"Preise",[71,76,81],{"text":72,"config":73},"Tarife anzeigen",{"href":74,"dataGaName":75,"dataGaLocation":42},"/de-de/pricing/","view plans",{"text":77,"config":78},"Vorteile von Premium",{"href":79,"dataGaName":80,"dataGaLocation":42},"/de-de/pricing/premium/","why premium",{"text":82,"config":83},"Vorteile von Ultimate",{"href":84,"dataGaName":85,"dataGaLocation":42},"/de-de/pricing/ultimate/","why ultimate",{"title":87,"links":88},"Lösungen",[89,94,99,104,109,114,119,124,129,134,139,144,149,154],{"text":90,"config":91},"Digitale Transformation",{"href":92,"dataGaName":93,"dataGaLocation":42},"/de-de/topics/digital-transformation/","digital transformation",{"text":95,"config":96},"Sicherheit und Compliance",{"href":97,"dataGaName":98,"dataGaLocation":42},"/de-de/solutions/application-security-testing/","Application security testing",{"text":100,"config":101},"Automatisierte Softwarebereitstellung",{"href":102,"dataGaName":103,"dataGaLocation":42},"/de-de/solutions/delivery-automation/","automated software delivery",{"text":105,"config":106},"Agile Entwicklung",{"href":107,"dataGaName":108,"dataGaLocation":42},"/de-de/solutions/agile-delivery/","agile delivery",{"text":110,"config":111},"Cloud-Transformation",{"href":112,"dataGaName":113,"dataGaLocation":42},"/de-de/topics/cloud-native/","cloud 
transformation",{"text":115,"config":116},"SCM",{"href":117,"dataGaName":118,"dataGaLocation":42},"/de-de/solutions/source-code-management/","source code management",{"text":120,"config":121},"CI/CD",{"href":122,"dataGaName":123,"dataGaLocation":42},"/de-de/solutions/continuous-integration/","continuous integration & delivery",{"text":125,"config":126},"Wertstrommanagement",{"href":127,"dataGaName":128,"dataGaLocation":42},"/de-de/solutions/value-stream-management/","value stream management",{"text":130,"config":131},"GitOps",{"href":132,"dataGaName":133,"dataGaLocation":42},"/de-de/solutions/gitops/","gitops",{"text":135,"config":136},"Enterprise",{"href":137,"dataGaName":138,"dataGaLocation":42},"/de-de/enterprise/","enterprise",{"text":140,"config":141},"Kleinunternehmen",{"href":142,"dataGaName":143,"dataGaLocation":42},"/de-de/small-business/","small business",{"text":145,"config":146},"Öffentlicher Sektor",{"href":147,"dataGaName":148,"dataGaLocation":42},"/de-de/solutions/public-sector/","public sector",{"text":150,"config":151},"Bildungswesen",{"href":152,"dataGaName":153,"dataGaLocation":42},"/de-de/solutions/education/","education",{"text":155,"config":156},"Finanzdienstleistungen",{"href":157,"dataGaName":158,"dataGaLocation":42},"/de-de/solutions/finance/","financial services",{"title":160,"links":161},"Ressourcen",[162,167,172,177,182,187,192,197,202,207,212,217,222],{"text":163,"config":164},"Installieren",{"href":165,"dataGaName":166,"dataGaLocation":42},"/de-de/install/","install",{"text":168,"config":169},"Kurzanleitungen",{"href":170,"dataGaName":171,"dataGaLocation":42},"/de-de/get-started/","quick setup 
checklists",{"text":173,"config":174},"Lernen",{"href":175,"dataGaName":176,"dataGaLocation":42},"https://university.gitlab.com/","learn",{"text":178,"config":179},"Produktdokumentation",{"href":180,"dataGaName":181,"dataGaLocation":42},"https://docs.gitlab.com/","docs",{"text":183,"config":184},"Blog",{"href":185,"dataGaName":186,"dataGaLocation":42},"/de-de/blog/","blog",{"text":188,"config":189},"Kundenerfolge",{"href":190,"dataGaName":191,"dataGaLocation":42},"/de-de/customers/","customer success stories",{"text":193,"config":194},"Remote",{"href":195,"dataGaName":196,"dataGaLocation":42},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"text":198,"config":199},"GitLab-Services",{"href":200,"dataGaName":201,"dataGaLocation":42},"/de-de/services/","services",{"text":203,"config":204},"TeamOps",{"href":205,"dataGaName":206,"dataGaLocation":42},"/de-de/teamops/","teamops",{"text":208,"config":209},"Community",{"href":210,"dataGaName":211,"dataGaLocation":42},"/community/","community",{"text":213,"config":214},"Forum",{"href":215,"dataGaName":216,"dataGaLocation":42},"https://forum.gitlab.com/","forum",{"text":218,"config":219},"Veranstaltungen",{"href":220,"dataGaName":221,"dataGaLocation":42},"/events/","events",{"text":223,"config":224},"Partner",{"href":225,"dataGaName":226,"dataGaLocation":42},"/de-de/partners/","partners",{"title":228,"links":229},"Unternehmen",[230,235,240,245,250,255,260,264,269,274,279,284],{"text":231,"config":232},"Über",{"href":233,"dataGaName":234,"dataGaLocation":42},"/de-de/company/","company",{"text":236,"config":237},"Karriere",{"href":238,"dataGaName":239,"dataGaLocation":42},"/jobs/","jobs",{"text":241,"config":242},"Geschäftsführung",{"href":243,"dataGaName":244,"dataGaLocation":42},"/company/team/e-group/","leadership",{"text":246,"config":247},"Team",{"href":248,"dataGaName":249,"dataGaLocation":42},"/company/team/","team",{"text":251,"config":252},"Handbuch",{"href":253,"dataGaName":254,"dataGaLocat
ion":42},"https://handbook.gitlab.com/","handbook",{"text":256,"config":257},"Investor Relations",{"href":258,"dataGaName":259,"dataGaLocation":42},"https://ir.gitlab.com/","investor relations",{"text":261,"config":262},"Sustainability",{"href":263,"dataGaName":261,"dataGaLocation":42},"/sustainability/",{"text":265,"config":266},"Vielfalt, Inklusion und Zugehörigkeit",{"href":267,"dataGaName":268,"dataGaLocation":42},"/de-de/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":270,"config":271},"Trust Center",{"href":272,"dataGaName":273,"dataGaLocation":42},"/de-de/security/","trust center",{"text":275,"config":276},"Newsletter",{"href":277,"dataGaName":278,"dataGaLocation":42},"/company/contact/","newsletter",{"text":280,"config":281},"Presse",{"href":282,"dataGaName":283,"dataGaLocation":42},"/press/","press",{"text":285,"config":286},"Transparenzerklärung zu moderner Sklaverei",{"href":287,"dataGaName":288,"dataGaLocation":42},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"title":290,"links":291},"Nimm Kontakt auf",[292,297,302,307,312,317,322],{"text":293,"config":294},"Sprich mit einem Experten/einer Expertin",{"href":295,"dataGaName":296,"dataGaLocation":42},"/de-de/sales/","sales",{"text":298,"config":299},"Support",{"href":300,"dataGaName":301,"dataGaLocation":42},"/support/","get help",{"text":303,"config":304},"Kundenportal",{"href":305,"dataGaName":306,"dataGaLocation":42},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"text":308,"config":309},"Status",{"href":310,"dataGaName":311,"dataGaLocation":42},"https://status.gitlab.com/","status",{"text":313,"config":314},"Nutzungsbedingungen",{"href":315,"dataGaName":316,"dataGaLocation":42},"/terms/","terms of use",{"text":318,"config":319},"Datenschutzerklärung",{"href":320,"dataGaName":321,"dataGaLocation":42},"/de-de/privacy/","privacy 
statement",{"text":323,"config":324},"Cookie-Einstellungen",{"dataGaName":325,"dataGaLocation":42,"id":326,"isOneTrustButton":327},"cookie preferences","ot-sdk-btn",true,{"items":329},[330,332,334],{"text":313,"config":331},{"href":315,"dataGaName":316,"dataGaLocation":42},{"text":318,"config":333},{"href":320,"dataGaName":321,"dataGaLocation":42},{"text":323,"config":335},{"dataGaName":325,"dataGaLocation":42,"id":326,"isOneTrustButton":327},"content:shared:de-de:main-footer.yml","Main Footer","shared/de-de/main-footer.yml","shared/de-de/main-footer",{"_path":341,"_dir":342,"_draft":6,"_partial":6,"_locale":7,"id":343,"visibility":327,"title":344,"button":345,"_id":349,"_type":26,"_source":28,"_file":350,"_stem":351,"_extension":31},"/shared/de-de/the-source/banner/the-economics-of-software-innovation-2025-08-18","banner","The Economics of Software Innovation","The Economics of Software Innovation—AI’s $750 Billion Opportunity",{"config":346,"text":348},{"href":347},"/software-innovation-report/","Get the research report","content:shared:de-de:the-source:banner:the-economics-of-software-innovation-2025-08-18.yml","shared/de-de/the-source/banner/the-economics-of-software-innovation-2025-08-18.yml","shared/de-de/the-source/banner/the-economics-of-software-innovation-2025-08-18",{"_path":353,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"logo":354,"subscribeLink":359,"navItems":363,"_id":375,"_type":26,"title":376,"_source":28,"_file":377,"_stem":378,"_extension":31},"/shared/de-de/the-source/navigation",{"altText":355,"config":356},"the source logo",{"src":357,"href":358},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1750191004/t7wz1klfb2kxkezksv9t.svg","/de-de/the-source/",{"text":360,"config":361},"Abonnieren",{"href":362},"#subscribe",[364,368,371],{"text":365,"config":366},"Künstliche Intelligenz",{"href":367},"/de-de/the-source/ai/",{"text":95,"config":369},{"href":370},"/de-de/the-source/security/",{"text":372,"config":373},"Plattform und 
Infrastruktur",{"href":374},"/de-de/the-source/platform/","content:shared:de-de:the-source:navigation.yml","Navigation","shared/de-de/the-source/navigation.yml","shared/de-de/the-source/navigation",{"_path":380,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"title":381,"description":382,"submitMessage":383,"formData":384,"_id":387,"_type":26,"_source":28,"_file":388,"_stem":389,"_extension":31},"/shared/de-de/the-source/newsletter","The-Source-Newsletter","Bleibe mit Erkenntnissen für die Zukunft der Softwareentwicklung auf dem Laufenden.","Du hast dich erfolgreich für den Newsletter von The Source angemeldet.",{"config":385},{"formId":386,"formName":278,"hideRequiredLabel":327},28465,"content:shared:de-de:the-source:newsletter.yml","shared/de-de/the-source/newsletter.yml","shared/de-de/the-source/newsletter",{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"config":391,"seo":392,"content":393,"type":23,"slug":24,"_id":25,"_type":26,"title":27,"_source":28,"_file":29,"_stem":30,"_extension":31},{"layout":9},{"title":11},[394,399],{"componentName":14,"componentContent":395},{"config":396,"name":11,"headshot":397},{"gitlabHandle":17},{"altText":11,"config":398},{"src":20},{"componentName":22},{"amanda-rueda":401,"andre-michael-braun":402,"andrew-haschka":403,"ayoub-fandi":404,"brian-wald":405,"bryan-ross":406,"chandler-gibbons":407,"dave-steer":408,"ddesanto":409,"derek-debellis":410,"emilio-salvador":411,"erika-feldman":412,"george-kichukov":413,"gitlab":414,"grant-hickman":415,"haim-snir":416,"iganbaruch":417,"jlongo":11,"joel-krooswyk":418,"josh-lemos":419,"julie-griffin":420,"kristina-weis":421,"lee-faus":422,"ncregan":423,"rschulman":424,"sabrina-farmer":425,"sandra-gittlen":426,"sharon-gaudin":427,"stephen-walters":428,"taylor-mccaslin":429},"Amanda Rueda","Andre Michael Braun","Andrew Haschka","Ayoub Fandi","Brian Wald","Bryan Ross","Chandler Gibbons","Dave Steer","David DeSanto","Derek DeBellis","Emilio Salvador","Erika Feldman","George 
Kichukov","GitLab","Grant Hickman","Haim Snir","Itzik Gan Baruch","Joel Krooswyk","Josh Lemos","Julie Griffin","Kristina Weis","Lee Faus","Niall Cregan","Robin Schulman","Sabrina Farmer","Sandra Gittlen","Sharon Gaudin","Stephen Walters","Taylor McCaslin",{"ai":365,"platform":372,"security":95},[432],{"_path":433,"_dir":434,"_draft":6,"_partial":6,"_locale":7,"slug":435,"type":436,"category":434,"config":437,"seo":439,"content":442,"_id":466,"_type":26,"title":444,"_source":28,"_file":467,"_stem":468,"_extension":31,"description":443,"date":445,"timeToRead":446,"heroImage":447,"keyTakeaways":448,"articleBody":452,"faq":453},"/de-de/the-source/security/how-to-implement-secret-management-best-practices-with-gitlab","security","how-to-implement-secret-management-best-practices-with-gitlab","article",{"layout":9,"template":438,"featured":6,"author":24,"isHighlighted":6,"authorName":11},"TheSourceArticle",{"description":440,"ogDescription":440,"title":441,"ogTitle":441},"So implementierst du sicheres Secret Management mit GitLab. Praktische Tipps für API-Keys, Passwörter und sensible Daten im DevOps-Workflow.","Secret Management Best Practices mit GitLab umsetzen",{"description":443,"title":444,"date":445,"timeToRead":446,"heroImage":447,"keyTakeaways":448,"articleBody":452,"faq":453},"Ein unsicherer Umgang mit Geheimnissen stellt ein Risiko für Unternehmen dar, die Kundendaten speichern und schützen sollten. Erfahre, wie du diese Risiken minderst und das Vertrauen stärkst.","So implementierst du mit GitLab Best Practices für den Umgang mit Geheimnissen","2024-03-12T00:00:00.000Z","5 min read","https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463593/wgbh2snwpsyle9jom1k1.png",[449,450,451],"Ein unsicherer Umgang mit Geheimnissen birgt das Risiko von Datenschutzverletzungen. 
Die native Integration von GitLab verbessert dagegen die Sicherheit.","Durch einen überprüfbaren, zuordenbaren Umgang mit Geheimnissen können Sicherheitsteams abnormale oder böswillige Aktivitäten erkennen und schnell darauf reagieren.","GitLab unterstützt die Speicherung und Verwendung von Geheimnissen mit robusten Zugriffskontrollen und Erkennungstools.","Insecure secret management practices (SMPs) pose a significant risk to any company, especially those tasked with the storage and protection of their customers' data. It's a common problem, and it is often at the core of a company's risk register. A leaked secret can result in a loss of confidentiality and potentially a data breach. These types of incidents can lead to significant financial losses and a loss of trust amongst an entity's customer base.\n\nFor many companies, insecure SMPs may result from a lack of expertise or being unaware of the tools and strategies that exist to solve this issue. Appropriate SMPs can help reduce the potential for compromise and increase trust in an organization's secret management strategy. In this post, we will discuss secret management best practices, GitLab's ability to support those practices, and our strategy for improving the DevSecOps platform's native secret management capabilities.\n\n## Develop a cryptographic strategy\n\nEvery company needs a cryptographic strategy as a foundation to ensure developers are operating in a standardized way and all applications and their components are being developed in accordance with the company's cryptographic requirements.\n\nUnderstanding the data your company processes, and your company's risk tolerance and threat landscape will help you develop a strong cryptographic strategy.\n\n### Secret generation\n\nSecrets, including access tokens and SSH keys, should be generated using cryptographic devices such as Hardware Security Modules (HSM). 
These devices help generate cryptographically strong secrets and store them in a tamper- and intrusion-resistant manner.\n\nWhile relying on physical devices can be costly and operationally prohibitive for companies, the leading cloud service providers offer cloud HSM services – for example, [AWS CloudHSM](https://aws.amazon.com/cloudhsm/) and [GCP Cloud HSM](https://cloud.google.com/kms/docs/hsm).\n\n### Secret storage\n\nStoring secrets is just as critical as generating them. Generated secrets must be stored in a manner that supports secure long-term storage and enables users to securely retrieve and use them when necessary.\n\nThe leading cloud service providers, as well as security companies such as [HashiCorp](https://www.vaultproject.io/), offer cloud-based services for securely storing and retrieving secrets. These services enable users to seamlessly leverage secrets within their processes and code, thereby eliminating the need to hardcode secrets.\n\n#### How does GitLab support secret storage?\n\nGitLab provides native support for the following [secret management providers](https://docs.gitlab.com/ee/ci/secrets/index.html):\n\n- Vault by HashiCorp\n- Google Cloud Secret Manager\n- Azure Key Vault\n\nBy configuring GitLab to connect with a secret management provider, secrets are explicitly requested only when needed by a CI job. When secrets aren't needed by CI jobs, they remain securely stored in the secret management service's environment, thereby reducing the potential for compromise. In addition to native support for the above secret management providers, GitLab also offers [OIDC authentication](https://docs.gitlab.com/ee/ci/secrets/id_token_authentication.html) to authenticate against other providers (e.g., AWS Secrets Manager). 
Requesting secrets from an external secret management provider only when a CI job needs them is a much more secure and preferred method than storing and [masking](https://docs.gitlab.com/ee/ci/variables/#mask-a-cicd-variable) secrets as CI/CD variables, because masking only hides the value in job logs while the secret itself remains stored as a CI/CD variable.\n\n### Secret use\n\nSecrets should be used for a single purpose. Reusing secrets across different applications or services increases the potential for exposure and increases the impact if the secrets are compromised.\n\nTo reduce the potential for exposure or malicious activity, access to secrets should be controlled with the [principle of least privilege](https://about.gitlab.com/blog/the-ultimate-guide-to-least-privilege-access-with-gitlab/) in mind. Access should only be granted to the individuals or services that require such access in order to support their work and operational activities.\n\n#### How does GitLab support secret use?\n\nGitLab provides administrators with a strong [role-based access control model](https://docs.gitlab.com/ee/user/permissions.html) and also offers the ability to create [custom roles](https://docs.gitlab.com/ee/user/custom_roles.html), thereby allowing administrators to align access profiles with their organizational standards and risk tolerance.\n\nGitLab also allows users to perform [secret detection](https://docs.gitlab.com/ee/user/application_security/secret_detection/) to check for unintentionally committed secrets and credentials. GitLab Ultimate users can enforce [automatic responses to leaked secrets](https://docs.gitlab.com/ee/user/application_security/secret_detection/automatic_response/), such as revoking the secret, to mitigate the impact of leaked credentials.\n\n### Auditability\n\nAccess and use of secrets should be auditable and attributable. 
In an ideal scenario, individuals would not have access to view secrets in plaintext, but the state of a company's operations is not always ideal.\n\nAuditable and attributable secret management allows security teams to monitor for anomalous or malicious activity, and quickly respond to such activity through automated and manual intervention.\n\n#### How does GitLab support auditability?\n\nGitLab's [audit events](https://docs.gitlab.com/ee/administration/audit_events.html) capture activities related to tokens and keys that are created within GitLab. Some examples include:\n\n- personal access token events\n- deploy token events\n- cluster agent token events\n\nThese activities are saved to the database and are also available for [audit event streaming](https://docs.gitlab.com/ee/administration/audit_event_streaming/) for GitLab Ultimate customers.\n\n## Upcoming: GitLab Secret Manager\n\nGitLab plans to launch a native secret management experience in late 2024. GitLab Secret Manager is a multi-tenant, cloud-based solution and will be accessible to both GitLab.com and self-managed customers via our Cloud Connector service. This new service offers an easy-to-use interface, consistent with the current CI/CD variables interface, making adoption easier than a third-party product with a minimal learning curve. The GitLab Secret Manager will ensure the security and protection of sensitive information in your CI pipelines.\n\n> For more information or questions about GitLab Secret Manager, please visit our [MVC epic](https://gitlab.com/groups/gitlab-org/-/epics/10723) and leave a comment.",[454,457,460,463],{"header":455,"content":456},"Was ist der Umgang mit Geheimnissen bzw. Geheimnismanagement und warum ist dies für die Softwaresicherheit wichtig?","Beim Umgang mit Geheimnissen, auch Geheimnismanagement genannt, geht es darum, vertrauliche Informationen wie API-Schlüssel, Zugriffstoken und Passwörter sicher zu speichern, darauf zuzugreifen und sie sicher zu nutzen. 
Ein solides Geheimnismanagement verhindert den unautorisierten Zugriff, senkt das Risiko von Datenschutzverletzungen und stellt die Vertraulichkeit und Integrität sensibler Daten bei der Softwareentwicklung und in Bereitstellungsprozessen sicher.",{"header":458,"content":459},"Wie unterstützt GitLab die sichere Speicherung und den sicheren Abruf von Geheimnissen?","GitLab lässt sich in führende Sicherheitsmanagementlösungen integrieren, darunter Vault von HashiCorp, Google Cloud Secret Manager und Azure Key Vault. Dank dieser Integrationen können Geheimnisse sicher gespeichert und explizit nur dann abgerufen werden, wenn sie von CI-Jobs benötigt werden. So wird das Risiko für Verstöße und unautorisierten Zugriff gesenkt.",{"header":461,"content":462},"Was sind die besten Methoden, um Geheimnisse zu generieren und zu verwenden?","- __Erstellung von Geheimnissen__: Verwende kryptografische Geräte wie Hardware Security Modules (HSMs), um starke Geheimnisse zu erstellen. Cloud-HSM-Dienste (z. B. AWS CloudHSM, GCP Cloud HSM) bieten kostengünstige, manipulationssichere Lösungen für die Erstellung von Geheimnissen.\n- __Verwendung von Geheimnissen__: Setze auf das Prinzip des geringsten Privilegs, um sicherzustellen, dass Geheimnisse nur für einen einzigen Zweck verwendet werden können und dass nur autorisierte Benutzer(innen) oder Dienste darauf zugreifen können. Vermeide, Geheimnisse fest zu programmieren, um Kompromittierungen zu verhindern.",{"header":464,"content":465},"Wie hilft GitLab bei der Erkennung von Geheimnissen und der Überprüfbarkeit?","GitLab bietet eine Erkennung von Geheimnissen, mit der du nach Geheimnissen und Zugangsdaten suchen kannst, die versehentlich committet wurden. Administrator(inn)en können automatisierte Reaktionen erzwingen, z. B. durch das Widerrufen von durchgesickerten Geheimnissen, um Sicherheitsbedrohungen zu minimieren. 
Zudem können Audit Events Aktivitäten in Bezug auf die Nutzung von Tokens und Schlüsseln erfassen und streamen, wodurch eine kontinuierliche Überwachung sowie die Erkennung von Anomalien möglich werden.","content:de-de:the-source:security:how-to-implement-secret-management-best-practices-with-gitlab.yml","de-de/the-source/security/how-to-implement-secret-management-best-practices-with-gitlab.yml","de-de/the-source/security/how-to-implement-secret-management-best-practices-with-gitlab",1761814406575]