As a SaaS provider accelerating major e-commerce sites, we manage hundreds of secrets across teams and services I've always felt that putting them into 1Password was necessary, but probably not sufficient. Switching on Gorilla told me why — and what to do about it.

In large organizations, you're not dealing with dozens of secrets - you're dealing with thens of thousands. They're scattered across teams, environments, tools - and it's rarely clear who owns what, or whether they're still secure. What I like about Gorilla is that it brings structure to that mess. It helps you see what's actually in use, what's overexposed, and where governance is falling short.

With Elefant we support thousands of practices and handle a huge amount of sensitive health data. We've always used 1Password, but keeping track of who had access to what was getting messy. Gorilla gives me one clear view of which secrets we have, who has access to them, and real data on the integrity of our secrets instead of just hoping everything is sort of secure.

Gorilla brings the security oversight we always needed but never had with 1Password alone. As a financial services company, we must ensure strict compliance and especially proper user offboarding. With Gorilla, we finally have visibility and control.

Most companies treat secret storage as the finish line — Gorilla treats it as the starting point. What stood out to me is how they focus on what happens next: who has access, and whether it's been exposed and needs to be rotated. That last part - rotation - is super important, and Gorilla's the first tool I've seen that actually makes it possible.

As a clinic, we don't have a big IT department, and we rely on external partners for most of our technical operations. That makes it even more important to know when access needs to change and when passwords should be rotated. Gorilla gives us that clarity and makes the whole process straightforward.