HashiCorp, a DevOps infrastructure company known for its Atlas platform that combines a variety of powerful open-source tools, recently announced Vault Enterprise. HashiCorp describes Vault Enterprise as a comprehensive security solution for DevOps infrastructure. Vault Enterprise is the foundation for security in the HashiCorp DevOps infrastructure suite.
Open source is a virtual necessity for effective DevOps—forming a close symbiotic relationship. I explained in the DevOps and Open Source report published earlier this year, “There are some significant advantages with FOSS (free and open-source software). With a proprietary, closed-source application there are very few people with access to look at the code. Recent incidents with SSH backdoors demonstrate that closed most certainly does not mean secure. When the code is open those types of backdoors can be quickly spotted and resolved.”
With the addition of Vault Enterprise, the HashiCorp suite is now comprised of:
- Vault Enterprise – Empowers security teams to collaborate, validate, and enforce security policies
- Terraform Enterprise – Empowers operations teams to collaborate, validate, and provision infrastructure
- Nomad Enterprise – Empowers development teams to collaborate, validation, and deploy applications
- Consul Enterprise – Empowers all teams to monitor the complete stack
Vault Enterprise is not entirely new. It builds on the open-source Vault to enable security teams to define and enforce security policy and secrets management across distributed infrastructure.
“The shift to highly elastic, microservice architectures requires a different approach to security. Static network-based security is poorly equipped to handle the dynamic application-centric infrastructures being built today,” said Armon Dadgar, co-founder and CTO of HashiCorp. “Vault Enterprise enables organizations to adopt DevOps practices in their approach to security and keep pace with development and operations teams that are adopting DevOps.”
Vault Enterprise includes Hardware Security Module (HSM) integration, which enables developers to integrate Vault Enterprise with HSMs using Vault’s simple API rather than more complex HSM interfaces. According to HashiCorp, there are also a variety of enhancements and new collaborative features in Vault Enterprise, including a new UI for managing secrets, health alerts and monitoring and an intuitive workflow for initializing new Vault clusters.
“Deploying enterprise software to both public and private cloud infrastructure requires a security solution that works everywhere. As we adopt DevOps practices that make our applications and infrastructure more dynamic, we need bullet-proof security,” said John Mitchell, Architect at SAP Ariba. “HashiCorp’s Vault is the only offering that meets these requirements—one workflow across providers and dynamic secrets management.”
DevOps is a culture and a process—not a silver bullet solution or a single product. HashiCorp understands this while still trying to provide a DevOps infrastructure platform that’s as complete as possible. HashiCorp pulls a variety of effective and useful leading tools together, and delivers them in a modular fashion that allows you to embrace DevOps at your own pace.
There are plenty of vendors out there creating proprietary tools and platforms. What I like about HashiCorp is how it is harnessing the power of an array of open source tools to provide a whole greater than the sum of its parts. Vault Enterprise is available now.