As IT organizations have strived to enhance their overall application security, there’s been a lot more focus on secrets management to protect, for example, credentials such as passwords from being hacked. The goal is to create a separate space of managing those credentials that resides outside of the application to make the environment more secure. […]
As IT organizations have strived to enhance their overall application security, there’s been a lot more focus on secrets management to protect, for example, credentials such as passwords from being hacked. The goal is to create a separate space of managing those credentials that resides outside of the application to make the environment more secure.
HashiCorp this week extended the HashiCorp Vault platform for managing secrets by adding support for secure plugins, disaster recovery, mount filtered replication capabilities, and multi-factor authentication to both the open source and enterprise editions. HashiCorp CTO Armon Dadgar says these capabilities build on the multi data center capabilities that HashiCorp built into the previous versions of HashiCorp Vault.
“We’re focusing more on things such as data governance,” says Dadgar.
For example, the new release allows for the replication of tokens and leased credentials as well as secrets and policies, which makes it faster to return from a down state without having to re-generate tokens for applications/users accessing secrets. Support for secure plugins makes it possible to integrate custom authentication backends and workflows.
Dadgar says HashiCorp Vault is gaining traction because it provides a mechanism that enables IT organizations to manage credentials across a range of applications versus having to replicate the same functionality inside every custom application.
A more structured approach to how secrets are managed with an IT environment can only help. The good news is the developers creating custom applications that employ those secrets finally seem to be taking that requirement to heart.
Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
