HashiConf 2025 marks a new chapter for HashiCorp as an IBM Company. As we continue to advance the state of the art in unified infrastructure and security lifecycle management for hybrid cloud operations, we’re also building our vision for AI-driven infrastructure and security.
In the same way that DevOps and platform teams brought a revolution to infrastructure operations, we believe the next revolution will be intelligent operations — built on new AI models and agents that have a unified infrastructure knowledge base to draw on.
This post will present our vision for a single, AI-ready control plane and resource graph that provides a source of truth for infrastructure and security data.
»The problem: Fragmented visibility, growing complexity
We hear about these infrastructure management pain points constantly during our initial conversations with platform, cloud, security, and application teams:
- Disconnected systems of records
- Overwhelming security risk and vulnerability management workload
- Not enough company-wide best practices being used across infrastructure and development teams
- Difficult to visualize and manage the ownership of resources
- Lack of data and guardrails to forecast and control costs
- Not enough visibility or unified workflows to address misconfigurations and drift
- Poor coordination between security and operations
Centralized infrastructure as code, policy as code, secrets management, and access management — all implemented in a unified lifecycle management system like HashiCorp Cloud Platform (HCP) — solve a lot of these points. They enable a hybrid cloud operating model that enables standardization and automation with significant speed, security, and cost efficiency improvements, but there are still sources of friction:
- Skills gaps
- Not enough experts who know how to operate in the hybrid cloud
- Complex regulations/governance
- Standards compliance (PCI, FISMA, SOC 2, etc.)
- Data residency
- Massive-scale environments
We’re starting to manage millions of lines of code effectively, but how will we manage trillions? These are the expected challenges as we enter the AI era. But AI, like any new paradigm, has its own set of novel challenges.
»Intelligent operations: The starting line is context
AI needs context about your unique infrastructure to be effective. Generic LLMs don't know anything about your actual environment — What are your VPCs? What's in production? What's in the PCI zone? What component versions are you running?
While it's true that you can log into AWS, Google Cloud, or Azure and see all of your assets and events through their portals, you can’t see multiple cloud service providers’ data all in one place — and operators need more than just CSP data. The challenge is bringing together each custom business context and infrastructure environment for comprehensive management of systems, GRC, and cost.
There are so many information silos around large organizations that when a major patching event hits the news wire, like the Log4j security incident, you're stuck wading through disconnected systems, emailing dozens of teams, and building spreadsheets to make sure you've patched every instance of the vulnerable component.
We want to provide a view of your infrastructure estate and security posture without silos:
- More visibility into the "single source of truth" that HCP provides
- New visibility tools for managing ownership, misconfigurations, and remediation
- Eliminate context switching during analysis and debugging
- A live view — rather than a CSV dump — of what's being managed within HCP and outside of it (e.g. seeing when a resource is created outside of Terraform)
- More accurate forecasting and cost calculations with data from multiple systems
- The ability to drill down into any resource clusters in your infrastructure estate (e.g. any container running in a VPC) and see all their components with rich data
»Project infragraph: A knowledge graph for your infrastructure
At HashiConf 2025, we announced our initiative to build out this unified data nexus and revealed the project’s code name: Project infragraph. Project infragraph is a real-time infrastructure graph that is an expansion of the functionality of the HCP platform that connects infrastructure, applications, services, ownership, and policy in one place. We expect Project infragraph to enable a wide range of impactful outcomes:
| Feature | Outcome |
| Granular infrastructure details (from VMs to OS versions, packages, and environments) | Allows teams to rapidly pinpoint vulnerabilities and generate automated remediation plans |
| Rich application and ownership metadata | Improves security-to-operations handoffs by tying risk to responsible owners |
| Code and UI-driven query capabilities | Reduces manual processes, enabling faster, more intuitive access to infrastructure data |
| Normalized infrastructure insights | Makes information usable for AI, automation, and Day 2 operations |
| Support for event-driven capabilities | Enables intelligent AI and automation reactions for proactive operational responses |
Project infragraph represents the future of how HashiCorp and IBM will harness the power of AI and data to manage operations with high trust and confidence . The functionality will set a foundation for AI that, in time, might allow AI to do things we haven’t imagined today. As agentic AI evolves, those agents will be safely empowered to do even more things with the Project infragraph resource graph inside HCP.
You can apply to our private beta for project infragraph here.
»Agents and MCP servers: The future of autonomous operations
With Project infragraph providing a full resource graph for context, AI agents now have what they need to make multi-step solutions based on that data. How do operators and machines interface with LLMs and agents to guide actions against this resource graph?
We see Model Context Protocol (MCP) servers as a critical new interface layer between trusted automation systems and emerging AI ecosystems. The use of MCP enables auditable, standards-based interactions between AI agents and enterprise infrastructure.
We’ve already released beta versions of three MCP servers for our products:
With these servers, operators will be able to perform actions and ask questions using natural language. For example, using the Vault Radar MCP server, teams can ask the following instead of navigating multiple interfaces: “Which leaked secret events are of critical severity and present in Vault?”
With this query, the AI agent will use Vault Radar to query your environment and render output within the chat interface. Secrets are never shared through Vault and Vault Radar MCP servers, and AI agent access is only activated during a user’s prompt, so there is no persistent connection or background data exchange.
We envision AI agents being able to help operations work faster and scale further than they ever have before as AI technologies evolve and organizations centralize more of their infrastructure management into one platform. Having a combined infrastructure resource graph gives AI the context it needs to become truly powerful.
»What’s next: From vision to reality
Organizations need to begin preparing for intelligent operations with today’s tools. A unified lifecycle management platform for hybrid cloud operations provides the backbone for AI.
You can explore our full vision for intelligent lifecycle automation in Armon Dadgar’s Day 2 keynote.
Our MCP servers are now in public beta and available for testing. Try them out and give us your insights to help us discover new AI-driven workflows that could help your teams be more successful. In addition, you can submit an application for the private beta of Project infragraph.
