Azure confidential computing instances offer the opportunity to quickly protect any application from insider threats, leveraging Intel® Software Guard Extensions (SGX)-enabled CPUs and Anjuna Enterprise Enclaves software. With a single command, Anjuna automatically creates a secure enclave that isolates and encrypts all application resources in runtime, at rest, and on the network, to achieve the strongest end-to-end data protection available. No changes to the application code or SDKs required.
Anjuna Enterprise Enclaves for Vault secure HashiCorp Vault against insider threats that can compromise secrets, leveraging Azure’s confidential computing instances and Intel® Software Guard Extensions (SGX).
HashiCorp Vault is a tool for securely managing secrets, such as API keys, passwords, certificates, and other important information. But Vault has a vulnerability common to many applications: it leverages a master key that is used to gain access to its data. This key is exposed in plain text in memory, making it easily accessible to insiders. With that master key, a bad actor can simply decrypt Vault secrets and gain unfettered access to protected assets.
Leveraging the Azure confidential computing Platform and Intel SGX, Anjuna Enterprise Enclaves for Vault eliminates this and other critical vulnerabilities to encrypt the Vault master key in memory--even from attackers that gain root access to the virtual machine. Even more, it protects HashiCorp Vault from a host of other potential documented exploits, including those caused by a misconfigured host server and man-in-the-middle attacks.
Anjuna Enterprise Enclaves for HashiCorp Vault includes a pre-configured instance and step-by-step instructions that help you quickly get a fully protected secrets-management solution running in an Azure confidential computing virtual machine.
For more information or support, please contact Anjuna at firstname.lastname@example.org