Manage Secrets and Protect Sensitive Data
The move to cloud involves a shift in operating model for infrastructure. Traditionally we had a relatively static world of dedicated servers, static IP addresses, and a clear network perimeter. In the cloud we have ephemeral and elastic pools of infrastructure with dynamic IP addresses, and no clear perimeter.
In a static world, we established a network perimeter and managed access based on IP address. For security teams, the cloud requires a fundamentally different approach: starting with understanding the network as inherently "low trust" and move to the idea of securing infrastructure and application services themselves, based on trusted identities and encrypting all secrets and application data.
HashiCorp Vault is a tool for managing secrets and protecting sensitive data. Vault is designed to help security teams secure, store, and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets, and other sensitive data using a UI, CLI, or HTTP API.