SEARCH FINANCIAL SERVICES INFRASTRUCTURE SECURITY SCIENCE INTERVIEWS

 

     

HashiCorp Vault 0.8 Released

August 10, 2017

HashiCorp Vault 0.8 includes significant updates to both the open source and enterprise versions, including new secure plugins, disaster recovery, mount filtered replication capabilities, and multi-factor authentication (MFA).

Vault is broadly used among the Global 2000 to address the challenge of infrastructure and application security in distributed environments. The Vault open source product addresses core security use cases for secrets management, encryption as a service, and privileged access management. Vault Enterprise enables teams and organizations to simplify Vault usage with collaboration and operations features, provide governance capabilities, and scale Vault across multiple data centers.

A significant addition to the open source version of Vault with the 0.8 release is:

•Secure Plugins: Secure plugins enable individuals and organizations to integrate custom authentication backends and workflows. This makes it easier to author plugins for the entire community and also makes it possible for Vault Enterprise users to create and integrate custom backends.

Vault Enterprise 0.8 includes capabilities that improve operations, security workflows, and multi-data center controls:

•Disaster Recovery: A new mode of replication which allows for the replication of tokens and leased credentials as well as secrets and policies, and prioritizes the ability to quickly return from a down state without having to re-generate tokens for applications/users accessing secrets.

•Mount Filtered Replication: A new addition to the Performance Mode of Vault Replication released in Vault Enterprise 0.7, mount filters allow for only selected secret and authentication mounts to be replicated from primary to secondary. This is critical for managing secrets governed by data sovereignty, governance, risk management, and compliance regulations.

•Multi-Factor Authentication (MFA): An entirely new MFA subsystem allows Duo Push, Okta Push, and Time-based One-Time Password (TOTP) MFA methods to be required for any operation on an authenticated path within Vault.

"The previous release of Vault Enterprise introduced multi-datacenter replication, which has enabled many of our enterprise customers to adopt or expand their usage of Vault. The new release makes the multi-datacenter capability richer and adds disaster recovery replication for the most mission-critical use cases," said Armon Dadgar, co-founder and CTO of HashiCorp. "Additionally, we have added a secure plugin mechanism which allows users and customers to innovate on top of Vault and build on the secure foundation it provides."

"Deployment of HashiCorp Vault began at Adobe a little over a year ago and has quickly become a fundamental feature of our large-scale, distributed, hybrid cloud environment," said Chandler Allphin, security engineer at Adobe. "A native plugin system is just one of the pieces that engineers are excited to leverage in the new 0.8 release. With the addition of disaster recovery as well, Vault allows us to expand how we handle fault tolerance and replication across our distributed infrastructure."

Terms of Use | Copyright © 2002 - 2017 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement