HashiCorp offers Vault, an encryption tool of use in the management of secrets including credentials, passwords and other secrets, providing access control, audit trail, and support for multiple authentication methods. It is available open source, or under an enterprise license.
$0.03
Venafi Control Plane for Machine Identities
Score 6.0 out of 10
N/A
Venafi, headquartered in Salt Lake City, protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, code signing, mobile and SSH.
HashiCorp Vault, in my opinion, is a defacto standard for any cloud or automation implementation. They're the best of the best as far as products for secrets management and the ability to use it against relatively any service you have is unheard of for other products. HashiCorp has really taken out all the stops when it comes to creating a nice, extensible tool that people can use to suit their needs.
Venafi allows an engineer to automate the full provisioning process not only installing the certificate to multiple applications but also configuring specific requirements for that application.
The Venafi platform is constantly evolving through its upgrades which occur every quarter to meet client's specific needs. This is an outstanding model however the documentation that follows the upgrades could be more thorough.
HashiCorp Vault is the best there is out there, and it has become critical to our secret management use cases. It would be difficult to find anything that would suit our needs better and that would be beneficial for us to switch over to.
We spent a little more time than we imagined to conceptually understand how HashiCorp Vault operates, as well as how it is configured. This is not trivial, and keep in mind that you will need to take some time to get a thorough understanding of the tool. The documentation could be more helpful in this regard.
Hashicorp has been very responsive to our questions and inquiries up to this point. We are currently working on them to develop a more granular permissions model within Vault. We are very close to achieving our objectives with the help of their support team. We do not seem to be in the same time zone which makes it hard for escalated issues.
Each public certificate provider has their own flavor of certificate automation, but they are not that flexible and only work with their own products. Certified Security Solutions CMS is a lightweight tool that directly competes with Venafi, but is not nearly as robust or feature risk. This is a straight forward management solution that is best fitted for the smaller companies.
An outage is a very devastating event to any large corporation and can cost millions. Venafi's ability to prevent these outages has proven to be a great return on investment for our environment and has helped protect the bottom line.
Venafi automates certificate installation with an included feature to schedule the install in advance. This is a great benefit of the tool because it eliminates human error and prevents any forgotten or overlooked certificates to be renewed. After installation Venafi will also validate the certificate to confirm that it has been installed properly. This shows just how thorough this tool really is.
Security compliance is of the utmost importance in a large organization for auditing purposes and certificate security policies but at times can prove to be difficult to enforce. Venafi has proven to play a pivotal role in enforcing these policies in our environment.
