Webinar
Join the Live Webinar - Unlocking the Cloud Operating Model: Security in Multi-Cloud Sign Up Now
GitHubDownload
Download
Introducing

Advanced Data Protection with Vault

Manage Secrets and Protect Sensitive Data

Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API.

UI
CLI

The shift to managing secrets and protecting data in dynamic infrastructure

Static Infrastructure

Datacenters with inherently high-trust networks with clear network perimeters.

Traditional Approach

  • High trust networks
  • A clear network perimeter
  • Security enforced by IP Address

Dynamic Infrastructure

Multiple clouds and private datacenters without a clear network perimeter.

Vault Approach

  • Low-trust networks in public clouds
  • Unknown network perimeter across clouds
  • Security enforced by Identity

Vault's Use Cases

» How Vault Works

Vault tightly controls access to secrets and encryption keys by authenticating against trusted sources of identity such as Active Directory, LDAP, Kubernetes, CloudFoundry, and cloud platforms. Vault enables fine grained authorization of which users and applications are permitted access to secrets and keys.

Watch video

Diagram illustrating how Vault manages authentication and secrets

Vault Case Study

Dan_McTeer_Adobe_HashiConf2017

Using Vault to securely handle 100 trillion transactions

Securing transactions used by millions of people across the world is not a small task. Read how HashiCorp Vault helps secure sensitive information at dramatic scale.

Read Case Study

Companies that trust Vault

  • Adobe Logo
  • SAP Ariba Logo
  • Hulu Logo
  • GM Cruise Logo
  • Equinix Logo
  • Petco Logo
  • Barclays Logo
  • Ultimate Software Logo
  • New Zealand Lotto Logo
  • Spaceflight Logo
  • Splunk Logo

Vault Principles

API Driven

Enable automation and CI/CD use cases while enabling policy to codify, protect, and govern access to secrets.

  1. $ curl \
  2. --header "X-Vault-Token: ..." \
  3. --request POST \
  4. --data @payload.json \
  6. https://127.0.0.1:8200/v1/secret/config

Secure with any Identity

Leverage any trusted identity provider, such as cloud IAM platforms, Kubernetes, Active Directory, to authenticate into Vault. Identity is scale independent, unlike IP addresses, which require complex firewall rules and frequent updates.

  • AWS Logo
  • Microsoft Azure Logo
  • Google Cloud Logo
  • Okta Logo
  • Cloud Foundry Logo
  • Alibaba Cloud Logo
  • SSH Logo
  • Kubernetes Logo
  • Github Logo

Extend and Integrate

Request secrets for any system through one consistent, audited, and secured workflow. Vault supports public clouds and private datacenters, and a broad range of endpoint systems including databases, cloud platforms, messaging queues, SSH, and more.

  • MySQL Logo
  • Cassandra Logo
  • Oracle Logo
  • AWS Logo
  • MongoDB Logo
  • Consul Logo
  • Microsoft SQL Server Logo
  • PostgreSQL Logo
  • Microsoft Azure Logo

Vault Open Source and Enterprise Features

Learn more about secrets management and data protection features with Vault Open Source and collaboration, governance, and multi-datacenter features with Vault Enterprise.

View Features Contact Sales

Related Resources

Show More