SlideShare uma empresa Scribd logo

HashiCorp Vault 1.4: Secrets Management, Data Encryption, Identity Brokering

Mitchell Pronschinske
Mitchell Pronschinske

Vault 1.4 focuses on reliability, ease of use, and broader ecosystem integration. It includes new features like OpenLDAP secrets engine automation, Kerberos authentication, and integrated storage. The release also enhances disaster recovery workflows and adds support for NetApp key management. Additionally, Vault Enterprise's new Transform secrets engine allows secure data transformation and masking for untrusted systems.

Software
1 de 26
Baixar para ler offline
Copyright © 2020 HashiCorp Announcing HashiCorp Vault 1.4 Armon Dadgar Co-founder and CTO, HashiCorp
About HashiCorp Leading Cloud Infrastructure Automation Our software stack enables the provisioning, securing, connecting, and running of apps and the infrastructure to support them. We unlock the cloud operating model for every business and enable their digital transformation strategies to succeed. 2012 Founded 900+ Employees $349M Funding
Customers expect security to work like they do Zero Trust Encrypt Everything Secure Everywhere
Secrets management to centrally store and protect secrets across clouds and applications Data encryption to keep application data secure across environments and workloads Advanced Data Protection to secure workloads and data across traditional systems, clouds, and infrastructure
Vault is trusted by...
What is a “secret”? Defining the language of Secrets Management Anything used for authentication (AuthN) or authorization (AuthZ) Username/Password, API key, TLS certificate, etc. Secret Anything that is confidential SSN, Credit Card, PII, etc. Sensitive
Questions in Secrets Management ▪ How do applications get secrets? ▪ How do humans acquire secrets? ▪ How are secrets updated? ▪ How is a secret revoked? ▪ When were secrets used? ▪ What do we do in the event of compromise?
Questions in Data Protection ▪ Is data encrypted in transit? ▪ Is data encrypted at rest? ▪ Will data be transparently decrypted on access? ▪ Who is allowed to access data? Who is allowed to access storage? ▪ Does access to storage imply access to data?
Guiding Principle: Identity Brokering ▪ Authenticate and access different clouds, systems, and endpoints using identity-based policies ▪ Leverage multiple identities across different platforms with common policy enforcement ▪ Integrate trusted identities in the same application workflow to reduce operational overhead ▪ Support people, machines, and applications
Single Control Plane for cloud security ▪ Automate, control, and secure infrastructure and applications through one API ▪ Unified support across diverse environments ▪ Integrate with providers and technologies you’re already using
Broad Ecosystem Integration ▪ 20+ Identity Providers ▪ 30+ Secret Engines ▪ All major clouds and platforms
Announcing HashiCorp Vault 1.4
Vault 1.4 Focus Reliability and ease of use Focus on improving time to happiness and expanding the capabilities and reliability of Vault. Ecosystem and broader integrations Integrate Vault with existing workflows, applications, and technology seamlessly. Advanced data protection Organizations need a secure way to protect against data breaches or leaks.
Vault 1.4 Ecosystem OpenLDAP Secrets Engine Automate the management of static users and service accounts within OpenLDAP. Integrated Storage Promoted out of beta and into general availability for both open-source and enterprise workloads. Kubernetes Service Registration Automate tagging pods with metadata to simplify service discovery. MongoDB Atlas integration Generate dynamic credentials for both MongoDB Atlas databases and API. Kerberos Auth Method Authenticate users and applications via Kerberos. Redshift Database Secrets Engine Secrets engine now supports static and dynamic secrets for the Amazon Web Services (AWS) Redshift service.
Vault 1.4 OpenLDAP Automation Update stored credentials Open LDAP Configure initial credentials Create or update static credentials Open LDAP Automate credential rotation
Vault 1.4 Kerberos / AD Kerberos / Active Directory User authenticates1 Kerberos session ticket granted2 Kerberos SPNEGO ticket used to authenticate to Vault 3 Vault verifies ticket with Kerberos 4
© 2018 HashiCorpVAULT ECOSYSTEM Vault 1.4 External Storage Storage externalized requiring additional infrastructure Vault Cluster Consul Cluster / Storage
© 2018 HashiCorpVAULT ECOSYSTEM Vault 1.4 Integrated Storage Integrated Storage goes generally available (GA). No external dependencies, running Raft internally. Vault Cluster Storage Storage Storage
Vault 1.4 Enterprise Transform Secrets Engine Performs secure data transformation for protecting secrets that reside in untrusted or semi-trusted systems outside of Vault. Vault Helm Chart Added support for Vault Enterprise in the Helm Chart for hosting Vault on Kubernetes. Improved Disaster Recovery Workflow Support improved workflow for promoting a DR Secondary should the DR Primary be lost. NetApp Enterprise Key Management Support Automate enterprise key management of NetApp Full Disk Encryption (FDE) and Volume Level Encryption via the KMIP Secrets Engine.
⁄ Copyright © 2020 HashiCorp ⁄ Transit Secrets Engine Transform Secrets Engine
⁄ Copyright © 2020 HashiCorp ⁄ Transform Secrets Engine - Data Transformation Transform Secrets Engine
⁄ Copyright © 2020 HashiCorp ⁄ Transform Secrets Engine - Data Masking Transform Secrets Engine
HashiCorp Vault 1.4 Now Generally Available
Demos
www.hashicorp.com hello@hashicorp.com Thank you

Recomendados

Getting Started with Kubernetes and Consul
Getting Started with Kubernetes and ConsulGetting Started with Kubernetes and Consul
Getting Started with Kubernetes and ConsulMitchell Pronschinske
 
Securing AWS Accounts with Hashi Vault
Securing AWS Accounts with Hashi VaultSecuring AWS Accounts with Hashi Vault
Securing AWS Accounts with Hashi VaultShrivatsa Upadhye
 
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...Stenio Ferreira
 
Consul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh GatewaysConsul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh GatewaysMitchell Pronschinske
 
Multi-Cloud with Nomad and Consul Connect
Multi-Cloud with Nomad and Consul ConnectMulti-Cloud with Nomad and Consul Connect
Multi-Cloud with Nomad and Consul ConnectMitchell Pronschinske
 
Demystifying Service Mesh
Demystifying Service MeshDemystifying Service Mesh
Demystifying Service MeshMitchell Pronschinske
 
Hashicorp Corporate and Product Overview
Hashicorp Corporate and Product OverviewHashicorp Corporate and Product Overview
Hashicorp Corporate and Product OverviewStenio Ferreira
 
Commodified IaC using Terraform Cloud
Commodified IaC using Terraform CloudCommodified IaC using Terraform Cloud
Commodified IaC using Terraform CloudMarko Bevc
 

Recomendados

Getting Started with Kubernetes and Consul
Getting Started with Kubernetes and ConsulGetting Started with Kubernetes and Consul
Getting Started with Kubernetes and ConsulMitchell Pronschinske
 
Securing AWS Accounts with Hashi Vault
Securing AWS Accounts with Hashi VaultSecuring AWS Accounts with Hashi Vault
Securing AWS Accounts with Hashi VaultShrivatsa Upadhye
 
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...Stenio Ferreira
 
Consul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh GatewaysConsul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh GatewaysMitchell Pronschinske
 
Multi-Cloud with Nomad and Consul Connect
Multi-Cloud with Nomad and Consul ConnectMulti-Cloud with Nomad and Consul Connect
Multi-Cloud with Nomad and Consul ConnectMitchell Pronschinske
 
Demystifying Service Mesh
Demystifying Service MeshDemystifying Service Mesh
Demystifying Service MeshMitchell Pronschinske
 
Hashicorp Corporate and Product Overview
Hashicorp Corporate and Product OverviewHashicorp Corporate and Product Overview
Hashicorp Corporate and Product OverviewStenio Ferreira
 
Commodified IaC using Terraform Cloud
Commodified IaC using Terraform CloudCommodified IaC using Terraform Cloud
Commodified IaC using Terraform CloudMarko Bevc
 
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum Results
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum ResultsMulti-Cloud Roadmap: Architecting Hybrid Environments for Maximum Results
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum ResultsRightScale
 
Understanding Service Mesh on Azure with HashiCorp Consul
Understanding Service Mesh on Azure with HashiCorp ConsulUnderstanding Service Mesh on Azure with HashiCorp Consul
Understanding Service Mesh on Azure with HashiCorp ConsulMitchell Pronschinske
 
Understanding the New Enterprise Multi-Cloud Backbone for DevOps Engineers
Understanding the New Enterprise Multi-Cloud Backbone for DevOps EngineersUnderstanding the New Enterprise Multi-Cloud Backbone for DevOps Engineers
Understanding the New Enterprise Multi-Cloud Backbone for DevOps EngineersDevOps.com
 
Vault Digital Transformation
Vault Digital TransformationVault Digital Transformation
Vault Digital TransformationStenio Ferreira
 
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit... Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...Amazon Web Services
 
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...Amazon Web Services
 
Automating security in aws with divvy cloud
Automating security in aws with divvy cloudAutomating security in aws with divvy cloud
Automating security in aws with divvy cloudJohn Varghese
 
Hybrid Cloud Storage: Why HUSCO International Left Traditional Storage Behind
Hybrid Cloud Storage: Why HUSCO International Left Traditional Storage Behind Hybrid Cloud Storage: Why HUSCO International Left Traditional Storage Behind
Hybrid Cloud Storage: Why HUSCO International Left Traditional Storage BehindAmazon Web Services
 
Cloudreach Voices - Stay Ahead of the Hackers; a Guide to Offensive Security
Cloudreach Voices - Stay Ahead of the Hackers; a Guide to Offensive SecurityCloudreach Voices - Stay Ahead of the Hackers; a Guide to Offensive Security
Cloudreach Voices - Stay Ahead of the Hackers; a Guide to Offensive SecurityCloudreach
 
Vault 1.5 Overview
Vault 1.5 OverviewVault 1.5 Overview
Vault 1.5 OverviewMitchell Pronschinske
 
PCI Compliance on AWS - Evident.io @ AWS Pop-up Loft 2/26/2015
PCI Compliance on AWS - Evident.io @ AWS Pop-up Loft 2/26/2015PCI Compliance on AWS - Evident.io @ AWS Pop-up Loft 2/26/2015
PCI Compliance on AWS - Evident.io @ AWS Pop-up Loft 2/26/2015Evident.io
 
Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOpsAutomating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOpsAmazon Web Services
 
Cisco + AWS Stronger Security & Greater AWS Adoption
Cisco + AWS Stronger Security & Greater AWS Adoption Cisco + AWS Stronger Security & Greater AWS Adoption
Cisco + AWS Stronger Security & Greater AWS Adoption Amazon Web Services
 
zenbanx security use case - Toronto FSI Symposium - October 2016
zenbanx security use case - Toronto FSI Symposium - October 2016zenbanx security use case - Toronto FSI Symposium - October 2016
zenbanx security use case - Toronto FSI Symposium - October 2016Amazon Web Services
 
Onsite Training - Secure Web Applications with Alibaba Cloud Web Application...
Onsite Training - Secure Web Applications with Alibaba Cloud Web Application...Onsite Training - Secure Web Applications with Alibaba Cloud Web Application...
Onsite Training - Secure Web Applications with Alibaba Cloud Web Application...Forster CHIU
 
Secure your critical workload on AWS
Secure your critical workload on AWSSecure your critical workload on AWS
Secure your critical workload on AWSAmazon Web Services
 
AWS Summit Auckland - Running your Enterprise Windows Workload on AWS
AWS Summit Auckland - Running your Enterprise Windows Workload on AWSAWS Summit Auckland - Running your Enterprise Windows Workload on AWS
AWS Summit Auckland - Running your Enterprise Windows Workload on AWSAmazon Web Services
 
F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security Amazon Web Services
 
stackArmor Security MicroSummit - AWS Security with Splunk
stackArmor Security MicroSummit - AWS Security with SplunkstackArmor Security MicroSummit - AWS Security with Splunk
stackArmor Security MicroSummit - AWS Security with SplunkGaurav "GP" Pal
 
The hidden secrets of azure networking
The hidden secrets of azure networkingThe hidden secrets of azure networking
The hidden secrets of azure networkingMohamed Wali
 
Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Ashnikbiz
 
Vault 1.4 integrated storage overview
Vault 1.4 integrated storage overviewVault 1.4 integrated storage overview
Vault 1.4 integrated storage overviewMitchell Pronschinske
 

Mais conteúdo relacionado

Mais procurados

Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum Results
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum ResultsMulti-Cloud Roadmap: Architecting Hybrid Environments for Maximum Results
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum ResultsRightScale
 
Understanding Service Mesh on Azure with HashiCorp Consul
Understanding Service Mesh on Azure with HashiCorp ConsulUnderstanding Service Mesh on Azure with HashiCorp Consul
Understanding Service Mesh on Azure with HashiCorp ConsulMitchell Pronschinske
 
Understanding the New Enterprise Multi-Cloud Backbone for DevOps Engineers
Understanding the New Enterprise Multi-Cloud Backbone for DevOps EngineersUnderstanding the New Enterprise Multi-Cloud Backbone for DevOps Engineers
Understanding the New Enterprise Multi-Cloud Backbone for DevOps EngineersDevOps.com
 
Vault Digital Transformation
Vault Digital TransformationVault Digital Transformation
Vault Digital TransformationStenio Ferreira
 
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit... Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...Amazon Web Services
 
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...Amazon Web Services
 
Automating security in aws with divvy cloud
Automating security in aws with divvy cloudAutomating security in aws with divvy cloud
Automating security in aws with divvy cloudJohn Varghese
 
Hybrid Cloud Storage: Why HUSCO International Left Traditional Storage Behind
Hybrid Cloud Storage: Why HUSCO International Left Traditional Storage Behind Hybrid Cloud Storage: Why HUSCO International Left Traditional Storage Behind
Hybrid Cloud Storage: Why HUSCO International Left Traditional Storage BehindAmazon Web Services
 
Cloudreach Voices - Stay Ahead of the Hackers; a Guide to Offensive Security
Cloudreach Voices - Stay Ahead of the Hackers; a Guide to Offensive SecurityCloudreach Voices - Stay Ahead of the Hackers; a Guide to Offensive Security
Cloudreach Voices - Stay Ahead of the Hackers; a Guide to Offensive SecurityCloudreach
 
PCI Compliance on AWS - Evident.io @ AWS Pop-up Loft 2/26/2015
PCI Compliance on AWS - Evident.io @ AWS Pop-up Loft 2/26/2015PCI Compliance on AWS - Evident.io @ AWS Pop-up Loft 2/26/2015
PCI Compliance on AWS - Evident.io @ AWS Pop-up Loft 2/26/2015Evident.io
 
Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOpsAutomating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOpsAmazon Web Services
 
Cisco + AWS Stronger Security & Greater AWS Adoption
Cisco + AWS Stronger Security & Greater AWS Adoption Cisco + AWS Stronger Security & Greater AWS Adoption
Cisco + AWS Stronger Security & Greater AWS Adoption Amazon Web Services
 
zenbanx security use case - Toronto FSI Symposium - October 2016
zenbanx security use case - Toronto FSI Symposium - October 2016zenbanx security use case - Toronto FSI Symposium - October 2016
zenbanx security use case - Toronto FSI Symposium - October 2016Amazon Web Services
 
Onsite Training - Secure Web Applications with Alibaba Cloud Web Application...
Onsite Training - Secure Web Applications with Alibaba Cloud Web Application...Onsite Training - Secure Web Applications with Alibaba Cloud Web Application...
Onsite Training - Secure Web Applications with Alibaba Cloud Web Application...Forster CHIU
 
Secure your critical workload on AWS
Secure your critical workload on AWSSecure your critical workload on AWS
Secure your critical workload on AWSAmazon Web Services
 
AWS Summit Auckland - Running your Enterprise Windows Workload on AWS
AWS Summit Auckland - Running your Enterprise Windows Workload on AWSAWS Summit Auckland - Running your Enterprise Windows Workload on AWS
AWS Summit Auckland - Running your Enterprise Windows Workload on AWSAmazon Web Services
 
F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security Amazon Web Services
 
stackArmor Security MicroSummit - AWS Security with Splunk
stackArmor Security MicroSummit - AWS Security with SplunkstackArmor Security MicroSummit - AWS Security with Splunk
stackArmor Security MicroSummit - AWS Security with SplunkGaurav "GP" Pal
 
The hidden secrets of azure networking
The hidden secrets of azure networkingThe hidden secrets of azure networking
The hidden secrets of azure networkingMohamed Wali
 

Mais procurados (20)

Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum Results
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum ResultsMulti-Cloud Roadmap: Architecting Hybrid Environments for Maximum Results
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum Results
 
Understanding Service Mesh on Azure with HashiCorp Consul
Understanding Service Mesh on Azure with HashiCorp ConsulUnderstanding Service Mesh on Azure with HashiCorp Consul
Understanding Service Mesh on Azure with HashiCorp Consul
 
Understanding the New Enterprise Multi-Cloud Backbone for DevOps Engineers
Understanding the New Enterprise Multi-Cloud Backbone for DevOps EngineersUnderstanding the New Enterprise Multi-Cloud Backbone for DevOps Engineers
Understanding the New Enterprise Multi-Cloud Backbone for DevOps Engineers
 
Vault Digital Transformation
Vault Digital TransformationVault Digital Transformation
Vault Digital Transformation
 
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit... Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...
 
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
 
Automating security in aws with divvy cloud
Automating security in aws with divvy cloudAutomating security in aws with divvy cloud
Automating security in aws with divvy cloud
 
Hybrid Cloud Storage: Why HUSCO International Left Traditional Storage Behind
Hybrid Cloud Storage: Why HUSCO International Left Traditional Storage Behind Hybrid Cloud Storage: Why HUSCO International Left Traditional Storage Behind
Hybrid Cloud Storage: Why HUSCO International Left Traditional Storage Behind
 
Cloudreach Voices - Stay Ahead of the Hackers; a Guide to Offensive Security
Cloudreach Voices - Stay Ahead of the Hackers; a Guide to Offensive SecurityCloudreach Voices - Stay Ahead of the Hackers; a Guide to Offensive Security
Cloudreach Voices - Stay Ahead of the Hackers; a Guide to Offensive Security
 
Vault 1.5 Overview
Vault 1.5 OverviewVault 1.5 Overview
Vault 1.5 Overview
 
PCI Compliance on AWS - Evident.io @ AWS Pop-up Loft 2/26/2015
PCI Compliance on AWS - Evident.io @ AWS Pop-up Loft 2/26/2015PCI Compliance on AWS - Evident.io @ AWS Pop-up Loft 2/26/2015
PCI Compliance on AWS - Evident.io @ AWS Pop-up Loft 2/26/2015
 
Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOpsAutomating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOps
 
Cisco + AWS Stronger Security & Greater AWS Adoption
Cisco + AWS Stronger Security & Greater AWS Adoption Cisco + AWS Stronger Security & Greater AWS Adoption
Cisco + AWS Stronger Security & Greater AWS Adoption
 
zenbanx security use case - Toronto FSI Symposium - October 2016
zenbanx security use case - Toronto FSI Symposium - October 2016zenbanx security use case - Toronto FSI Symposium - October 2016
zenbanx security use case - Toronto FSI Symposium - October 2016
 
Onsite Training - Secure Web Applications with Alibaba Cloud Web Application...
Onsite Training - Secure Web Applications with Alibaba Cloud Web Application...Onsite Training - Secure Web Applications with Alibaba Cloud Web Application...
Onsite Training - Secure Web Applications with Alibaba Cloud Web Application...
 
Secure your critical workload on AWS
Secure your critical workload on AWSSecure your critical workload on AWS
Secure your critical workload on AWS
 
AWS Summit Auckland - Running your Enterprise Windows Workload on AWS
AWS Summit Auckland - Running your Enterprise Windows Workload on AWSAWS Summit Auckland - Running your Enterprise Windows Workload on AWS
AWS Summit Auckland - Running your Enterprise Windows Workload on AWS
 
F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security
 
stackArmor Security MicroSummit - AWS Security with Splunk
stackArmor Security MicroSummit - AWS Security with SplunkstackArmor Security MicroSummit - AWS Security with Splunk
stackArmor Security MicroSummit - AWS Security with Splunk
 
The hidden secrets of azure networking
The hidden secrets of azure networkingThe hidden secrets of azure networking
The hidden secrets of azure networking
 

Semelhante a HashiCorp Vault 1.4: Secrets Management, Data Encryption, Identity Brokering

Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Ashnikbiz
 
Vault 1.4 integrated storage overview
Vault 1.4 integrated storage overviewVault 1.4 integrated storage overview
Vault 1.4 integrated storage overviewMitchell Pronschinske
 
The Future of Data Management - the Enterprise Data Hub
The Future of Data Management - the Enterprise Data HubThe Future of Data Management - the Enterprise Data Hub
The Future of Data Management - the Enterprise Data HubDataWorks Summit
 
The Future of Hadoop Security - Hadoop Summit 2014
The Future of Hadoop Security - Hadoop Summit 2014The Future of Hadoop Security - Hadoop Summit 2014
The Future of Hadoop Security - Hadoop Summit 2014Cloudera, Inc.
 
Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021lior mazor
 
Zero trust in a multi tenant environment
Zero trust in a multi tenant environment Zero trust in a multi tenant environment
Zero trust in a multi tenant environment Ashnikbiz
 
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...Amanda MacLeod
 
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...Amanda MacLeod
 
Seeking Cybersecurity--Strategies to Protect the Data
Seeking Cybersecurity--Strategies to Protect the DataSeeking Cybersecurity--Strategies to Protect the Data
Seeking Cybersecurity--Strategies to Protect the DataCloudera, Inc.
 
Simplify and Secure your Hadoop Environment with Hortonworks and Centrify
Simplify and Secure your Hadoop Environment with Hortonworks and CentrifySimplify and Secure your Hadoop Environment with Hortonworks and Centrify
Simplify and Secure your Hadoop Environment with Hortonworks and CentrifyHortonworks
 
Fighting cyber fraud with hadoop
Fighting cyber fraud with hadoopFighting cyber fraud with hadoop
Fighting cyber fraud with hadoopNiel Dunnage
 
The Key to Strong Cloud Security
The Key to Strong Cloud SecurityThe Key to Strong Cloud Security
The Key to Strong Cloud SecurityAkeyless
 
Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015Shravan (Sean) Pabba
 
Vault Open Source vs Enterprise v2
Vault Open Source vs Enterprise v2Vault Open Source vs Enterprise v2
Vault Open Source vs Enterprise v2Stenio Ferreira
 
Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...
Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...
Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...Cloudera, Inc.
 
Sukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud ManagementSukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud ManagementSukumar Nayak
 
Bridle your Flying Islands and Castles in the Sky: Built-in Governance and Se...
Bridle your Flying Islands and Castles in the Sky: Built-in Governance and Se...Bridle your Flying Islands and Castles in the Sky: Built-in Governance and Se...
Bridle your Flying Islands and Castles in the Sky: Built-in Governance and Se...DataWorks Summit
 
Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...
Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...
Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...Cloudera, Inc.
 
Exploring Advanced Authentication Methods in Novell Access Manager
Exploring Advanced Authentication Methods in Novell Access ManagerExploring Advanced Authentication Methods in Novell Access Manager
Exploring Advanced Authentication Methods in Novell Access ManagerNovell
 
Fortifying Multi-Cluster Hybrid Cloud Data Lakes using Apache Knox
Fortifying Multi-Cluster Hybrid Cloud Data Lakes using Apache KnoxFortifying Multi-Cluster Hybrid Cloud Data Lakes using Apache Knox
Fortifying Multi-Cluster Hybrid Cloud Data Lakes using Apache KnoxDataWorks Summit
 

Semelhante a HashiCorp Vault 1.4: Secrets Management, Data Encryption, Identity Brokering (20)

Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2
 
Vault 1.4 integrated storage overview
Vault 1.4 integrated storage overviewVault 1.4 integrated storage overview
Vault 1.4 integrated storage overview
 
The Future of Data Management - the Enterprise Data Hub
The Future of Data Management - the Enterprise Data HubThe Future of Data Management - the Enterprise Data Hub
The Future of Data Management - the Enterprise Data Hub
 
The Future of Hadoop Security - Hadoop Summit 2014
The Future of Hadoop Security - Hadoop Summit 2014The Future of Hadoop Security - Hadoop Summit 2014
The Future of Hadoop Security - Hadoop Summit 2014
 
Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021
 
Zero trust in a multi tenant environment
Zero trust in a multi tenant environment Zero trust in a multi tenant environment
Zero trust in a multi tenant environment
 
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
 
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
 
Seeking Cybersecurity--Strategies to Protect the Data
Seeking Cybersecurity--Strategies to Protect the DataSeeking Cybersecurity--Strategies to Protect the Data
Seeking Cybersecurity--Strategies to Protect the Data
 
Simplify and Secure your Hadoop Environment with Hortonworks and Centrify
Simplify and Secure your Hadoop Environment with Hortonworks and CentrifySimplify and Secure your Hadoop Environment with Hortonworks and Centrify
Simplify and Secure your Hadoop Environment with Hortonworks and Centrify
 
Fighting cyber fraud with hadoop
Fighting cyber fraud with hadoopFighting cyber fraud with hadoop
Fighting cyber fraud with hadoop
 
The Key to Strong Cloud Security
The Key to Strong Cloud SecurityThe Key to Strong Cloud Security
The Key to Strong Cloud Security
 
Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015
 
Vault Open Source vs Enterprise v2
Vault Open Source vs Enterprise v2Vault Open Source vs Enterprise v2
Vault Open Source vs Enterprise v2
 
Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...
Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...
Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...
 
Sukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud ManagementSukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud Management
 
Bridle your Flying Islands and Castles in the Sky: Built-in Governance and Se...
Bridle your Flying Islands and Castles in the Sky: Built-in Governance and Se...Bridle your Flying Islands and Castles in the Sky: Built-in Governance and Se...
Bridle your Flying Islands and Castles in the Sky: Built-in Governance and Se...
 
Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...
Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...
Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...
 
Exploring Advanced Authentication Methods in Novell Access Manager
Exploring Advanced Authentication Methods in Novell Access ManagerExploring Advanced Authentication Methods in Novell Access Manager
Exploring Advanced Authentication Methods in Novell Access Manager
 
Fortifying Multi-Cluster Hybrid Cloud Data Lakes using Apache Knox
Fortifying Multi-Cluster Hybrid Cloud Data Lakes using Apache KnoxFortifying Multi-Cluster Hybrid Cloud Data Lakes using Apache Knox
Fortifying Multi-Cluster Hybrid Cloud Data Lakes using Apache Knox
 

Mais de Mitchell Pronschinske

Dynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesDynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesMitchell Pronschinske
 
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMigrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMitchell Pronschinske
 
Empowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorpEmpowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorpMitchell Pronschinske
 
Automate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corpAutomate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corpMitchell Pronschinske
 
Using new sentinel features in terraform cloud
Using new sentinel features in terraform cloudUsing new sentinel features in terraform cloud
Using new sentinel features in terraform cloudMitchell Pronschinske
 
Military Edge Computing with Vault and Consul
Military Edge Computing with Vault and ConsulMilitary Edge Computing with Vault and Consul
Military Edge Computing with Vault and ConsulMitchell Pronschinske
 
Unlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub ActionsUnlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub ActionsMitchell Pronschinske
 
Cisco ACI with HashiCorp Terraform (APAC)
Cisco ACI with HashiCorp Terraform (APAC)Cisco ACI with HashiCorp Terraform (APAC)
Cisco ACI with HashiCorp Terraform (APAC)Mitchell Pronschinske
 
Governance for Multiple Teams Sharing a Nomad Cluster
Governance for Multiple Teams Sharing a Nomad ClusterGovernance for Multiple Teams Sharing a Nomad Cluster
Governance for Multiple Teams Sharing a Nomad ClusterMitchell Pronschinske
 
Unlocking the Cloud Operating Model: Deployment
Unlocking the Cloud Operating Model: DeploymentUnlocking the Cloud Operating Model: Deployment
Unlocking the Cloud Operating Model: DeploymentMitchell Pronschinske
 
Keeping a Secret with HashiCorp Vault
Keeping a Secret with HashiCorp VaultKeeping a Secret with HashiCorp Vault
Keeping a Secret with HashiCorp VaultMitchell Pronschinske
 
Modern Scheduling for Modern Applications with Nomad
Modern Scheduling for Modern Applications with NomadModern Scheduling for Modern Applications with Nomad
Modern Scheduling for Modern Applications with NomadMitchell Pronschinske
 
Moving to a Microservice World: Leveraging Consul on Azure
Moving to a Microservice World: Leveraging Consul on AzureMoving to a Microservice World: Leveraging Consul on Azure
Moving to a Microservice World: Leveraging Consul on AzureMitchell Pronschinske
 
Rapid Infrastructure in Hybrid Environments
Rapid Infrastructure in Hybrid EnvironmentsRapid Infrastructure in Hybrid Environments
Rapid Infrastructure in Hybrid EnvironmentsMitchell Pronschinske
 
Intermediate HCL: Configuration Languages in HCL2
Intermediate HCL: Configuration Languages in HCL2Intermediate HCL: Configuration Languages in HCL2
Intermediate HCL: Configuration Languages in HCL2Mitchell Pronschinske
 

Mais de Mitchell Pronschinske (20)

Code quality for Terraform
Code quality for TerraformCode quality for Terraform
Code quality for Terraform
 
Dynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesDynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD Pipelines
 
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMigrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
 
Empowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorpEmpowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorp
 
Automate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corpAutomate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corp
 
Using new sentinel features in terraform cloud
Using new sentinel features in terraform cloudUsing new sentinel features in terraform cloud
Using new sentinel features in terraform cloud
 
Military Edge Computing with Vault and Consul
Military Edge Computing with Vault and ConsulMilitary Edge Computing with Vault and Consul
Military Edge Computing with Vault and Consul
 
Unlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub ActionsUnlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub Actions
 
Unlocking the Cloud Operating Model
Unlocking the Cloud Operating ModelUnlocking the Cloud Operating Model
Unlocking the Cloud Operating Model
 
Cisco ACI with HashiCorp Terraform (APAC)
Cisco ACI with HashiCorp Terraform (APAC)Cisco ACI with HashiCorp Terraform (APAC)
Cisco ACI with HashiCorp Terraform (APAC)
 
Governance for Multiple Teams Sharing a Nomad Cluster
Governance for Multiple Teams Sharing a Nomad ClusterGovernance for Multiple Teams Sharing a Nomad Cluster
Governance for Multiple Teams Sharing a Nomad Cluster
 
Integrating Terraform and Consul
Integrating Terraform and ConsulIntegrating Terraform and Consul
Integrating Terraform and Consul
 
Unlocking the Cloud Operating Model: Deployment
Unlocking the Cloud Operating Model: DeploymentUnlocking the Cloud Operating Model: Deployment
Unlocking the Cloud Operating Model: Deployment
 
Keeping a Secret with HashiCorp Vault
Keeping a Secret with HashiCorp VaultKeeping a Secret with HashiCorp Vault
Keeping a Secret with HashiCorp Vault
 
Modern Scheduling for Modern Applications with Nomad
Modern Scheduling for Modern Applications with NomadModern Scheduling for Modern Applications with Nomad
Modern Scheduling for Modern Applications with Nomad
 
Moving to a Microservice World: Leveraging Consul on Azure
Moving to a Microservice World: Leveraging Consul on AzureMoving to a Microservice World: Leveraging Consul on Azure
Moving to a Microservice World: Leveraging Consul on Azure
 
Remote Culture at HashiCorp
Remote Culture at HashiCorpRemote Culture at HashiCorp
Remote Culture at HashiCorp
 
Rapid Infrastructure in Hybrid Environments
Rapid Infrastructure in Hybrid EnvironmentsRapid Infrastructure in Hybrid Environments
Rapid Infrastructure in Hybrid Environments
 
From Terraform OSS to Enterprise
From Terraform OSS to EnterpriseFrom Terraform OSS to Enterprise
From Terraform OSS to Enterprise
 
Intermediate HCL: Configuration Languages in HCL2
Intermediate HCL: Configuration Languages in HCL2Intermediate HCL: Configuration Languages in HCL2
Intermediate HCL: Configuration Languages in HCL2
 

Último

Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfStefano Stabellini
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
PREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentationPREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentationvaddepallysandeep122
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfFerryKemperman
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Velvetech LLC
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtimeandrehoraa
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfMarharyta Nedzelska
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Angel Borroy López
 
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfHow to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfLivetecs LLC
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....kzayra69
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceBrainSell Technologies
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationBradBedford3
 

Último (20)

Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdf
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
PREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentationPREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentation
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a series
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdf
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
 
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfHow to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdf
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. Salesforce
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion Application
 

HashiCorp Vault 1.4: Secrets Management, Data Encryption, Identity Brokering

  • 1.
  • 2. Copyright © 2020 HashiCorp Announcing HashiCorp Vault 1.4 Armon Dadgar Co-founder and CTO, HashiCorp
  • 3. About HashiCorp Leading Cloud Infrastructure Automation Our software stack enables the provisioning, securing, connecting, and running of apps and the infrastructure to support them. We unlock the cloud operating model for every business and enable their digital transformation strategies to succeed. 2012 Founded 900+ Employees $349M Funding
  • 4. Customers expect security to work like they do Zero Trust Encrypt Everything Secure Everywhere
  • 5. Secrets management to centrally store and protect secrets across clouds and applications Data encryption to keep application data secure across environments and workloads Advanced Data Protection to secure workloads and data across traditional systems, clouds, and infrastructure
  • 7. What is a “secret”? Defining the language of Secrets Management Anything used for authentication (AuthN) or authorization (AuthZ) Username/Password, API key, TLS certificate, etc. Secret Anything that is confidential SSN, Credit Card, PII, etc. Sensitive
  • 8. Questions in Secrets Management ▪ How do applications get secrets? ▪ How do humans acquire secrets? ▪ How are secrets updated? ▪ How is a secret revoked? ▪ When were secrets used? ▪ What do we do in the event of compromise?
  • 9. Questions in Data Protection ▪ Is data encrypted in transit? ▪ Is data encrypted at rest? ▪ Will data be transparently decrypted on access? ▪ Who is allowed to access data? Who is allowed to access storage? ▪ Does access to storage imply access to data?
  • 10. Guiding Principle: Identity Brokering ▪ Authenticate and access different clouds, systems, and endpoints using identity-based policies ▪ Leverage multiple identities across different platforms with common policy enforcement ▪ Integrate trusted identities in the same application workflow to reduce operational overhead ▪ Support people, machines, and applications
  • 11. Single Control Plane for cloud security ▪ Automate, control, and secure infrastructure and applications through one API ▪ Unified support across diverse environments ▪ Integrate with providers and technologies you’re already using
  • 12. Broad Ecosystem Integration ▪ 20+ Identity Providers ▪ 30+ Secret Engines ▪ All major clouds and platforms
  • 14. Vault 1.4 Focus Reliability and ease of use Focus on improving time to happiness and expanding the capabilities and reliability of Vault. Ecosystem and broader integrations Integrate Vault with existing workflows, applications, and technology seamlessly. Advanced data protection Organizations need a secure way to protect against data breaches or leaks.
  • 15. Vault 1.4 Ecosystem OpenLDAP Secrets Engine Automate the management of static users and service accounts within OpenLDAP. Integrated Storage Promoted out of beta and into general availability for both open-source and enterprise workloads. Kubernetes Service Registration Automate tagging pods with metadata to simplify service discovery. MongoDB Atlas integration Generate dynamic credentials for both MongoDB Atlas databases and API. Kerberos Auth Method Authenticate users and applications via Kerberos. Redshift Database Secrets Engine Secrets engine now supports static and dynamic secrets for the Amazon Web Services (AWS) Redshift service.
  • 16. Vault 1.4 OpenLDAP Automation Update stored credentials Open LDAP Configure initial credentials Create or update static credentials Open LDAP Automate credential rotation
  • 17. Vault 1.4 Kerberos / AD Kerberos / Active Directory User authenticates1 Kerberos session ticket granted2 Kerberos SPNEGO ticket used to authenticate to Vault 3 Vault verifies ticket with Kerberos 4
  • 18. © 2018 HashiCorpVAULT ECOSYSTEM Vault 1.4 External Storage Storage externalized requiring additional infrastructure Vault Cluster Consul Cluster / Storage
  • 19. © 2018 HashiCorpVAULT ECOSYSTEM Vault 1.4 Integrated Storage Integrated Storage goes generally available (GA). No external dependencies, running Raft internally. Vault Cluster Storage Storage Storage
  • 20. Vault 1.4 Enterprise Transform Secrets Engine Performs secure data transformation for protecting secrets that reside in untrusted or semi-trusted systems outside of Vault. Vault Helm Chart Added support for Vault Enterprise in the Helm Chart for hosting Vault on Kubernetes. Improved Disaster Recovery Workflow Support improved workflow for promoting a DR Secondary should the DR Primary be lost. NetApp Enterprise Key Management Support Automate enterprise key management of NetApp Full Disk Encryption (FDE) and Volume Level Encryption via the KMIP Secrets Engine.
  • 21. ⁄ Copyright © 2020 HashiCorp ⁄ Transit Secrets Engine Transform Secrets Engine
  • 22. ⁄ Copyright © 2020 HashiCorp ⁄ Transform Secrets Engine - Data Transformation Transform Secrets Engine
  • 23. ⁄ Copyright © 2020 HashiCorp ⁄ Transform Secrets Engine - Data Masking Transform Secrets Engine
  • 24. HashiCorp Vault 1.4 Now Generally Available
  • 25. Demos