Transformation (tokenization) Secret Engine for PCI DSS

In this 15 minute session, we explain the difference between the Transform Secrets Engine and the Transit Secrets Engine. We outline what it is, when to use it, and why it’s different from existing engines. We also provide a quick demo to see it in action.


  • Takayuki Kaburagi
    Takayuki KaburagiStaff Solutions Engineer / Vault SME, HashiCorp

Take a look at our upcoming HashiCorp Snapshots

We will be running HashiCorp Snapshots regularly, each focussing on a specific use case for Terraform, Vault, Consul, and Nomad. Register now for the next one.


More resources like this one

Vault identity diagram
  • 12/28/2023
  • FAQ

Why should we use identity-based or "identity-first" security as we adopt cloud infrastructure?

  • 3/14/2023
  • Article

5 best practices for secrets management

  • 2/3/2023
  • Case Study

Automating Multi-Cloud, Multi-Region Vault for Teams and Landing Zones

  • 1/20/2023
  • Case Study

Adopting GitOps and the Cloud in a Regulated Industry