tl;dr: There's no silver bullet, but if we put some "lead" bullets in the right places, we have a good shot at keeping sensitive data out of logs."This is the blog version of a talk I gave at LocoMocoSec 2024. It’s mostly a lightly edited transcript with some screenshots, so if you’d prefer, you can watch the video or just flip through the slides."This post is about how to keep secrets out of logs, and my claim is that (like many things in security) there isn’t a singular action or silver bullet...