Term · 27. Emerging Categories 2024-2026

Secrets Management SM

IDM/IGA Domain

NHI Vendor PAM OWASP Introduced by: Big4 (Deloitte / PwC / EY / KPMG)

Definition

Centralized lifecycle management of API keys, database passwords, certificates, OAuth client secrets, encryption keys, and other machine credentials. Functions: secure storage (encryption-at-rest), access policies (who/what can retrieve), automated rotation, audit logging, integration with applications via SDK or sidecar pattern. Eliminates secrets in source code, config files, and developer machines.

Synonyms

Secret management

Application: Regulatory: OWASP NHI Top 10 (2025) / SAMM

Standards & regulations

OWASP

Related terms

Secrets Vaulting

Sub-discipline of Secrets Management focused on cryptographically secure storage and retrieval of machine credentials. V …
Short-Lived Credentials

Authentication tokens with brief lifetime (minutes to hours) instead of long-lived secrets (months to years). Foundation …
Login

Common term for the user-facing authentication interaction — entering credentials at a sign-in form. Modern patterns: pa …
Non-Human Identity (NHI)

Identities for service accounts, API keys, OAuth client secrets, machine certificates, workload identities (AWS IAM role …
Service Account (SA)

Non-human account used by applications, services, or scheduled tasks to authenticate to other systems. Common categories …
Technical Account (TA)

Generic term for non-human accounts used for system-to-system communication — synonymous with service account in many co …

← Back to glossary · Open in main list