Demo

Switzerland has bunkers, we have HashiCorp Vault

Published 7:00 AM UTC Mar 11, 2019

In this talk, Hacknowledge security engineer Christophe Tafani-Dereeper outlines the concepts you need to know to understand Vault, and demonstrates some real-world scenarios.

HashiCorp Vault is specifically designed to secure and manage all kind of secrets—from passwords to database credentials to encryption keys. Learn how it can help your organization wrangle its security holes in a number of ways.

This talk will walk through: - Untrusted storage backends - Authentication methods - Sealing/unsealing processes - Response wrapping - Dynamically generated short-lived secrets

Building upon that, the session reviews several real-world scenarios, demonstrating how Vault can be used to implement a highly separated architecture, suitable for low-trust environments. For every scenario, you'll be put into an attacker's shoes, analyzing the potential impact on the overall architecture of a compromise in each component.

You can download the original slides here.

More resources like this one

  • 4/11/2024
  • FAQ

Introduction to HashiCorp Vault

Vault identity diagram
  • 12/28/2023
  • FAQ

Why should we use identity-based or "identity-first" security as we adopt cloud infrastructure?

  • 3/14/2023
  • Article

5 best practices for secrets management

  • 2/3/2023
  • Case Study

Automating Multi-Cloud, Multi-Region Vault for Teams and Landing Zones

View all resources