When the Levee Breaks: Protecting Vault Against Advanced Adversaries and Internal Threats
The cryptography and key management protecting HashiCorp Vault secrets is designed to stand up to concerted attacks from well-resourced, skilled adversaries. Here's how it works.
Shadow and Dust: Better Security Through HashiCorp Boundary and Ephemeral Infrastructure
Using Boundary's credential abstraction along with ephemeral targets makes it very hard for adversaries to gain anything.
Using HashiCorp Vault with Google Confidential Computing
We are excited to announce that HashiCorp Vault is now validated on Google Cloud Platform’s Confidential Computing service. Confidential Computing allows HashiCorp Vault to operate in environments with resilient host based security that adds additional protection through the use of memory encryption.
Vault Transform: Protecting Secrets in External Systems
Transform is a Secrets Engine that allows Vault to encode and decode sensitive values residing in external systems such as databases or file systems. This capability allows Vault to ensure that when an encoded secret’s residence system is compromised, such as when a database is breached and its data is exfiltrated, that those encoded secrets remain uncompromised even when held by an adversary.
Announcing HashiCorp Vault 1.3
We are excited to announce the public availability of HashiCorp Vault 1.3. Vault is a tool to provide secrets management, data encryption, and identity management for any infrastructure and application.
Quantum Security and Cryptography in HashiCorp Vault
As quantum computers grow in power and reliability, we at HashiCorp have been asked a number of questions about how we plan on protecting Vault against quantum threats.