HashiCorp Vault Reviews

9 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.9 out of 100

Do you work for this company? Manage this listing

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Reviews (1-4 of 4)

Jeffrey Severance | TrustRadius Reviewer
September 18, 2019

Vault is a flexible and safe secrets managment solution.

Score 7 out of 10
Vetted Review
Verified User
Review Source

We use Hashicorp Vault to protect secrets used by our application teams such as database connection strings, passwords that run jobs, and meta-data about the environment around the application. This tool helps us ensure that our accounts are secure, passwords are private and our data can't be accessed by anyone that shouldn't have access to the system.


  • The HTTP API you use to write and read secrets is open and can be used by any application.
  • It keeps our sensitive data/credentials out of our Gitlab repositories.
  • Sealing and unsealing the Vault on demand adds an additional layer of security.
  • Vault requires a complex setup when getting started.
  • Vault requires decisions around the backend type to be made up front.
  • Vault tokens appear to be managed manually in most cases.
Vault is a reliable and resilient as the Key Management System. It is not for the novice user that does not have a background in information security. It requires a significant time investment into the different key engines that the solution offers to get started. It works very well once implemented and is very flexible in general.
Hashicorp has been very responsive to our questions and inquiries up to this point. We are currently working on them to develop a more granular permissions model within Vault. We are very close to achieving our objectives with the help of their support team. We do not seem to be in the same time zone which makes it hard for escalated issues.
Read Jeffrey Severance's full review
Erlon Sousa Pinheiro | TrustRadius Reviewer
August 20, 2019

HashiCorp Vault - Credentials, passwords, and any kind of secrets in your environment reliably managed.

Score 8 out of 10
Vetted Review
Verified User
Review Source
We are centralizing several config data of our application into a Vault cluster spread into different regions through AWS. It is a solution which was implemented by the DevOps team initially to support the DevOps environment, going later to all production environments. What we used to handle with config files before is maintained by HashiCorp Vault.
  • A great repository for credentials and secrets.
  • Good scalability with its own clustering solution and high availability.
  • Easy to install like other Hashicorp products, it is based on just one executable.
  • Documentation could be better.
  • The multiple key unseal process can be a problem if the need arises.
  • It would make more sense if HashiCorp Vault combined with HashiCorp Consul to create a unique product.
Complex environments today are delivered in an automated manner, usually based on git repository code. From a security standpoint, credentials, passwords, and secret keys cannot be stored in these repositories. A safe and reliable environment for storing this type of data is therefore required. HashiCorp Vault has proven to be an excellent choice in the environments where I inserted it.
As with all other products provided by HashiCorp, the effort and attention that the company has in creating a complete solution ecosystem for the DevOps universe are fully apparent. Several technical lectures about products on YouTube are presented by the company's CEO.
Read Erlon Sousa Pinheiro's full review
Anonymous | TrustRadius Reviewer
August 11, 2019

Keeping Your Secrets a Secret with HashiCorp Vault

Score 10 out of 10
Vetted Review
Verified User
Review Source
HashiCorp Vault is our go-to for secrets management in our cloud implementation. Having used many other HashiCorp products, it was easy enough for us to translate that into the use of Vault. We also use it in a limited capacity with Chef, used in conjunction with encrypted data bags. HashiCorp Vault has allowed us to securely use secrets across applications without the need to expose those secrets. It has also made it easier to implement sane key rotation and achieve automation.
  • HashiCorp Vault manages secrets extremely well.
  • It works well as a cloud-agnostic or multi-cloud solution.
  • HashiCorp Vault works extremely well with other HashiCorp products.
  • Vault integrates with other systems very well because everything is API driven.
  • It doesn't have an interface. This isn't entirely bad because of the purpose it serves, but it does make the barrier to entry a little difficult.
  • Unlike many other HashiCorp products, the documentation feels like it leaves some steps out. Step by step documentation lowers the barriers to entry a little bit, and going through even the installation documentation and setup leaves a little bit of the caveats out.
  • It needs a fair bit of supporting infrastructure. You cannot just have a Vault instance. Having a HashiCorp Vault instance means also having a consul cluster for the backend.
HashiCorp Vault, in my opinion, is a defacto standard for any cloud or automation implementation. They're the best of the best as far as products for secrets management and the ability to use it against relatively any service you have is unheard of for other products. HashiCorp has really taken out all the stops when it comes to creating a nice, extensible tool that people can use to suit their needs.
HashiCorp is very responsive on GitHub if you have issues with their products. They also have a very active community. For actual HashiCorp support though, I do not have enough information to give them a solid rating. Historically, pricing has been a concern with HashiCorp support (their paid plan is a bit on the higher end of pricing), so there haven't been any scenarios where I've interacted with them as a whole outside of community channels. Simply having a well versed and accessible community goes a long way for support though as they are a great avenue.
Read this authenticated review
Anonymous | TrustRadius Reviewer
January 21, 2019

One of a Kind

Score 10 out of 10
Vetted Review
Verified User
Review Source
We have looked into HashiCorp Vault as a solution to generate, store, and manage secrets in a container-oriented production platform. Currently, our systems rely on Vault to store TLS certificates and credentials to stateful services in our customer-facing applications. We are also using Vault to store application-level credentials for some of our products.
  • Automated revocation of credentials via leases
  • Provides many plugins for federated authorization through different platforms
  • Dynamic credential generation
  • Documentation for the API moves slower than changes in the API itself
  • The database secret engine's API design isn't as elegant as it could be
  • No support for revocation of all secrets under one path
I believe that HashiCorp Vault is a unique product for security engineers with a lot of features that can help automate the secret management tasks from end to end. For automation purposes, it does require a reasonable amount of backing infrastructure, so only consider that option if you can get a good ROI. Otherwise, it's a perfectly serviceable tool as a secret store, if you never need to stash credentials in plaintext somewhere, for example, if you're running an application that logs into another service on behalf of other clients and OAuth2 is not an option.
Read this authenticated review

About HashiCorp Vault

HashiCorp now offers their open source application Vault, an encryption tool of use in the management of secrets including credentials, passwords and other secrets, providing access control, audit trail, and support for multiple authentication methods.
Categories:  Password Manager

HashiCorp Vault Technical Details

Operating Systems: Unspecified
Mobile Application:No