Doppler vs. IBM Vault

Doppler largely saved us time by guaranteeing that the factors in our environment remained constant across projects and engineers' local surroundings. When onboarding new team members, access to production deploys is prevented by restricting access tokens to development and staging environments. Enhancing the degree of control that application teams have over their deployments (our DevOps team assists with initial setup, and app developers have access to the Doppler UI for making adjustments/changes)

Incentivized

HashiCorp Vault, in my opinion, is a defacto standard for any cloud or automation implementation. They're the best of the best as far as products for secrets management and the ability to use it against relatively any service you have is unheard of for other products. HashiCorp has really taken out all the stops when it comes to creating a nice, extensible tool that people can use to suit their needs.

Incentivized

• Easier to save secrets
• Hassle free for DevOps team
• All secrets can be used and integrated much easier than before
• Syncing and managing all secrets is much easier
• Even versioning is great feature to consider

Incentivized

• The HTTP API you use to write and read secrets is open and can be used by any application.
• It keeps our sensitive data/credentials out of our GitLab repositories.
• Sealing and unsealing the Vault on demand adds an additional layer of security.

Incentivized

• I wish I could grant developers more granular access.
• It takes some effort to set up environments, and their documentation and tooling might be improved.

Incentivized

• Session Management is terrible to manage
• Monitoring is hard and not enough information
• User management
• Configuration is too complex
• More user friendly UI

HashiCorp Vault is the best there is out there, and it has become critical to our secret management use cases. It would be difficult to find anything that would suit our needs better and that would be beneficial for us to switch over to.

Incentivized

We spent a little more time than we imagined to conceptually understand how HashiCorp Vault operates, as well as how it is configured. This is not trivial, and keep in mind that you will need to take some time to get a thorough understanding of the tool. The documentation could be more helpful in this regard.

Incentivized

Hashicorp has been very responsive to our questions and inquiries up to this point. We are currently working on them to develop a more granular permissions model within Vault. We are very close to achieving our objectives with the help of their support team. We do not seem to be in the same time zone which makes it hard for escalated issues.

Incentivized

Doppler is really good at SecOps compared to other applications. It provides the best services like GitHub integration, cloud platform integrations, and managing secrets. It has the real functionality of synchronizing the secrets and safekeeping them. As it has a complete hand over multiple clouds it makes developers integrate over across cloud platforms. Hence, it is highly recommended to use and imply on.

Incentivized

HashiCorp Vault is way better than Azure Key Vault; it has more features and it goes beyond a key-value secret store.

Incentivized

• ROI is increased

Incentivized

• Helped us reach our security compliance goals.
• Helped us strengthen our security position in our infrastructure by improving on poor secret management practices.

Incentivized