The adoption of Cloud means organisations shift away from static infrastructure to now provisioning and managing dynamic infrastructure—infinite volume and distribution of services, embracing ephemerality and immutability, and ability to deploy onto multiple target environments. Vault allows you to secure, store, and tightly control access to tokens, passwords, certificates, encryption keys, and other sensitive data using a UI, CLI, or HTTP API. You can increase productivity and control costs by reducing systems, licences, and overhead by centrally managing all secret operations. Vault can also assist in reducing the risk of a breach by eliminating static, hard-coded credentials by centralising secrets. Vault enables: 1) identity Brokering for authentication and access to different clouds, policy enforcement, and easy automation; 2) single workflow that integrates with existing infrastructure, reduces costs, and provides a unified audit trail; and 3) open and extensible strong open source community, large partner ecosystem, and full featured multi-cloud secrets engines.

Issues it solves

• Risk of data exposure: Vault encrypts sensitive data in transit and at rest, using centrally managed and secured encryption keys with a single workflow and API
• Risk of breach: Vault eliminates static, hard-coded credentials by centralising secrets in Vault and tightly controlling access based on trusted identities
• Productivity: Vault enables development teams to automatically consume secrets in their application delivery process and protect sensitive data programmatically through a single API

Benefits

• Centralised secrets management, including dynamically generated single-use credentials, with a centralised and audited lifecycle and instant revocability
• Encryption as a Service for data in-transit, with strong access control and creative application of proven cryptographic practices
• Identify and Access Management for secrets, controlled via rich role-based access control lists (policies), with full logging into Vault's audit backend
• Vault has become the enterprise standard in secret management due to its full feature set, most of which are available in the open source version
• Vault is extensible, allowing integration into bespoke solutions and other commercial products

Recommended for

• Head of cloud program, enterprise architecture team, security team, CIO, security, compliance, and audit team, DevOps team, finance team
• Any industry