Teller is an open-source productivity secret manager that aims to help developers with cloud-native apps and multiple cloud providers. The tool was built by developer-first cybersecurity company Spectral to tackle the “last mile problem” of securing sensitive access and preventing data leaks. With Teller, developers never have to leave their terminal to use secrets while developing, testing, and building their apps, according to the company.
Users can also connect the project to any vault, key store, or cloud service: Teller supports HashiCorp Vault, AWS Secrets Manager, Google Secret Manager, and many more, which eliminates the need for custom scripts and tokens in ‘.zshrc’ files. Through the use of ‘teller’ and ‘.teller.yml’ files, Teller also doesn’t expose anything to unauthorized users. Spectral explained this eliminates the complexities involved in manually exporting and setting up environment variables for running processes with demo or production-like setups.
It also provides an accessible Docker environment that eliminates the need for grabbing all kinds of variables, setting those up, and worrying about these appearing in the shell history. Teller can fight off secret sprawl and hard-coded secrets and integrate into the CI to work as a shift-left security tool in the DevSecOps pipeline.
The project can also act as a redaction tool across the infrastructure: it can run processes while redacting their output, and clean up logs and live tails of records.
“Bad actors are hard at work every day trying to exploit minor missteps in handling sensitive information. When they succeed, the results can be catastrophic,” said Dotan Nahum, CEO and founder of Spectral. “With Teller, we have drawn on our vast experience in DevSecOps and made an open source product that closes a significant attack vector. Developers can now focus on moving quickly when working on new products and features while still keeping their InfoSec team happy — we’re also seeing many other innovative uses of Teller by the same professionals in their organization, and we’re building on top of that experience.”
Additional details about the project are available here.