Switzerland has bunkers, we have HashiCorp Vault

Mar 11, 2019

In this talk, Hacknowledge security engineer Christophe Tafani-Dereeper outlines the concepts you need to know to understand Vault, and demonstrates some real-world scenarios.

HashiCorp Vault is specifically designed to secure and manage all kind of secrets—from passwords to database credentials to encryption keys. Learn how it can help your organization wrangle its security holes in a number of ways.

This talk will walk through:

  • Untrusted storage backends
  • Authentication methods
  • Sealing/unsealing processes
  • Response wrapping
  • Dynamically generated short-lived secrets

Building upon that, the session reviews several real-world scenarios, demonstrating how Vault can be used to implement a highly separated architecture, suitable for low-trust environments. For every scenario, you'll be put into an attacker's shoes, analyzing the potential impact on the overall architecture of a compromise in each component.

You can download the original slides here.

Stay Informed

Subscribe to our monthly newsletter to get the latest news and product updates.

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now