Hear the story of what factors in the state of security led to the creation of Vault and why Mitchell Hashimoto and his colleagues made it the way they did.
This isn't an introduction to Vault talk. It's a look at the broader picture of why Vault needed to exist, and why it was engineered in a particular way.
In his presentation "Evolving Cloud Security With Vault" at the Latency 2019 conference, HashiCorp co-founder Mitchell Hashimoto shares what factors led him to the creation of HashiCorp Vault, a secrets management, identity, and encryption platform.
From this experience you'll learn general steps for finding a problem space and designing a product.
6:41 — Attempting a cloud-first commercial offering
10:50 — The security problem statement
16:15 — Designing Vault
22:14 — Building Vault
Philosophically firm views for Vault - Single source for secrets: Yes it's a single point of failure, but it's also a single point of consistency, excellence, manageability, and observability. - Human and machine access: Applications as well as people need access to secrets for true automation and speed. - Practical security: Flexible enough for multiple definitions and maturity levels of security.
29:10 — Negative feedback
Learn how to find constructive feedback and employ the "submarine strategy".
35:34 — Why did Vault succeed?