Secrets management is a complex problem that all organizations, from startups to large enterprises, face. Secure distribution of secrets is only a small part of the challenge, as operators and security teams must reason about key rolling, auditing, and incident management during a compromise. Beyond the basic storage of passwords, secrets also include certificates, keys, and sensitive user data (PII).
Vault is a tool designed to tackle these problems by centralizing secrets, access control, and auditing policies. It is architected for modern systems: it is a distributed system, it is highly available, and it is built to run on physical machines or in the cloud. It not only manages basic secrets, but also acts as a complete PKI solution, an SSH access broker, and more. Vault is being used today by some of the world's most security-sensitive organizations.
In this talk we discuss the problems faced in secrets management and how Vault is being used to solve them in production.
Mitchell is best known as the creator of Vagrant, Packer, and Consul. Mitchell is the founder of HashiCorp, a company that builds powerful and elegant DevOps tools. He is also an O’Reilly author and professional speaker. He is one of the top GitHub users by followers, activity, and contributions. “Automation obsessed,” Mitchell solves problems with as much computer automation as possible.