TrustRadius: an HG Insights company

HashiCorp Vault

Score8.4 out of 10

21 Reviews and Ratings

Get a Demo

What is HashiCorp Vault?

HashiCorp offers Vault, an encryption tool of use in the management of secrets including credentials, passwords and other secrets, providing access control, audit trail, and support for multiple authentication methods. It is available open source, or under an enterprise license.

Categories & Use Cases

Media

Screenshot of Example of writing a secret to Vault. Secrets are always encrypted and written to backend storage. To learn more: https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-first-secret
Screenshot of Secrets menu to manage integrated secrets engines. Secrets Engines are components which store, generate, or encrypt data and are enabled at a path in Vault. To learn more: https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-ui
Screenshot of Vault identity has support for groups. A group can contain multiple entities as its members. A group can also have subgroups. To learn more: https://developer.hashicorp.com/vault/docs/concepts/identity
Screenshot of HCP Vault provides all of the power and security of Vault, without the complexity and overhead of managing it yourself. To learn more: https://cloud.hashicorp.com/products/vault
Screenshot of View entity client and non-entity client counts.
Screenshot of MFA is built on top of the Identity system of Vault. To learn more: https://developer.hashicorp.com/vault/docs/auth/login-mfa

1 / 6

Screenshot of Example of writing a secret to Vault. Secrets are always encrypted and written to backend storage. To learn more: https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-first-secret

Reviews

What users are saying about HashiCorp Vault.
View all reviews

Excellent choice for you business Secrets Management Solution

Fabricio Zubelli
DevOps Engineer in Engineering at Kea (51-200 employees employees)

Use Cases and Deployment Scope

We leverage HashiCorp Vault capabilities for storing and managing our secrets and company passwords. HashiCorp Vault integrates with applications and tools to enable transparent secure sensitive information retrieval programmatically. By leveraging HashiCorp Vault we can go with IAC/CAC on almost everything we build. HashiCorp Vault also makes it easy to share secrets between team members and the organization.

Pros

  • Store secrets
  • Store configurations
  • Integrate with kubernetes
  • Audit log of changes
  • Team secret sharing
  • Real time in transit encryption

Cons

  • Session Management is terrible to manage
  • Monitoring is hard and not enough information
  • User management
  • Configuration is too complex
  • More user friendly UI

Return on Investment

  • Vault enabled IAC for kubernetes applications
  • Central configuration for applications
  • Version Control on secrets
  • Improved the company security and secret sharing experience
  • Enabled the PCI compliance for the company

Alternatives Considered

Bitwarden and AWS Secrets Manager

Other Software Used

Cloudflare, Cloudflare Zero Trust Services, Amazon RDS Performance Insights, Amazon Kinesis, Amazon Simple Queue Service (SQS)

HashiCorp Vault - Credentials, passwords, and any kind of secrets in your environment reliably managed.

Incentivized
Erlon Sousa PinheiroView profile
DevOps Engineer in Information Technology at Two Hat Security (11-50 employees employees)

Pros

  • A great repository for credentials and secrets.
  • Good scalability with its own clustering solution and high availability.
  • Easy to install like other Hashicorp products, it is based on just one executable.

Cons

  • Documentation could be better.
  • The multiple key unseal process can be a problem if the need arises.
  • It would make more sense if HashiCorp Vault combined with HashiCorp Consul to create a unique product.

Return on Investment

  • Allowed better access control for credentials, passwords, and important keys.
  • After we started using HashiCorp Vault, we were able to base our environment 100% as code.
  • SSH access control that is possible using HashiCorp Vault adds an extra level of security in environments where external remote access is required.

Usability

Other Software Used

Microsoft Teams, Terraform, Amazon Relational Database Service

HashiCorp Vault for the win!

Incentivized
Marco UrreaView profile
DevOps Engineer in Information Technology at DigitalOnUs (201-500 employees employees)

Pros

  • Credentials generation
  • Secret management
  • Preventing secret sprawling

Cons

  • UI can improve

Return on Investment

  • API driven
  • Versatile
  • Very useful because sensitive data doesn't exist before reading

Alternatives Considered

Microsoft Azure Key Vault

Other Software Used

Microsoft Azure Key Vault, Azure App Service, Azure Virtual Machines

Vault is a flexible and safe secrets managment solution.

Incentivized
Jeffrey SeveranceView profile
Senior Solutions Engineer in Information Technology at Erie Insurance Group (5001-10,000 employees employees)

Pros

  • The HTTP API you use to write and read secrets is open and can be used by any application.
  • It keeps our sensitive data/credentials out of our GitLab repositories.
  • Sealing and unsealing the Vault on demand adds an additional layer of security.

Cons

  • Vault requires a complex setup when getting started.
  • Vault requires decisions around the backend type to be made up front.
  • Vault tokens appear to be managed manually in most cases.

Return on Investment

  • Vault protects our application data from incidents.
  • Vault has decreased the time it takes to provide access to sensitive data.
  • Vault has provided great vault to our information security goals for this year.

Alternatives Considered

Symantec Data Center Security

Other Software Used

CyberArk Privileged Account Security, Gitlab, Terraform

Keeping Your Secrets a Secret with HashiCorp Vault

Incentivized
Verified User
Engineer in Engineering (501-1000 employees employees)

Pros

  • HashiCorp Vault manages secrets extremely well.
  • It works well as a cloud-agnostic or multi-cloud solution.
  • HashiCorp Vault works extremely well with other HashiCorp products.
  • Vault integrates with other systems very well because everything is API driven.

Cons

  • It doesn't have an interface. This isn't entirely bad because of the purpose it serves, but it does make the barrier to entry a little difficult.
  • Unlike many other HashiCorp products, the documentation feels like it leaves some steps out. Step by step documentation lowers the barriers to entry a little bit, and going through even the installation documentation and setup leaves a little bit of the caveats out.
  • It needs a fair bit of supporting infrastructure. You cannot just have a Vault instance. Having a HashiCorp Vault instance means also having a consul cluster for the backend.

Usability

Other Software Used

Chef, Jenkins, Terraform

Related Products

Products similar to HashiCorp Vault that may also meet your needs.
All comparisons
CyberArk Privileged Access Management
CompareLearn more
Delinea Secret Server
CompareLearn more
ARCON PAM
CompareLearn more