Secret management is the practice of securely storing, accessing, rotating, and auditing sensitive information such as passwords, API keys, tokens, and certificates used by applications and pipelines. In DevSecOps, secret management is implemented by removing hardcoded credentials from source code and managing them centrally using tools like HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, or Kubernetes Secrets. These tools integrate with CI/CD pipelines to inject secrets securely at runtime, enforce least-privilege access, and enable automatic rotation. Proper secret management reduces security risks, supports compliance, and is a core skill covered in AWS DevSecOps Certification training for real-world cloud security implementations.