Skip to content

Figgy today#

Figgy was created as a result of years of experience witnessing constant tension resulting from inefficient and insecure processes and practices around configuration and secret management. Figgy was built with the belief that with the right approach, and a deft hand at automation, development, operations, security, and data teams can efficiently and securely collaborate while having their individual and collective interests met. Fundamentally, Figgy seeks to prove that security and operational reliability does not require compromising development efficiency. We can all be winners.

Why configuration and secret management?#

Configuration and secret management processes vary widely between organizations and little guidance is provided on securely and efficiently implementing and scaling these processes. Instead, organizations often lean on tools like Hashicorp Vault to tick the security checkbox with little consideration of how to effectively implement and scale these solutions. Not only does this bind organizations to expensive and complex internal or third party tools, but a lack of guidance often results in compromising least privilege, and the accumulation of technical debt as teams grapple with configuration sprawl. Effective implementations of least privilege do more than minimize risk. When implemented correctly, least privilege provides clarity of purpose and simplifies troubleshooting.

These lessons learned all influenced the desire to publicize a working implementation using cloud-native services. Figgy is that implementation.

Who#

Figgy is a passion project developed and maintained by Jordan Mance (me). I am a full stack engineer with a specialization in cloud architecture, platform development, and DevSecOps. I've spent the past decade helping organizations facilitate rapid product focused development by adopting cloud native design principles and DevSecOps practices. I've found the most success by scaling DevSecOps culture and processes internally while supporting those processes with tools that empower engineers of all disciplines. Adoption is best gained by building tools people want to use, not forcing them. I believe engineers are most effective when they can focus on their discipline. We are specialized for a reason, and fostering DevOps is no excuse to expect all engineers across all disciplines to be generalists.

Jordan and his amazing wife Miriah.

Jordan & Miriah