New Release Introduces FIPS 140-2 Compliance Along with Vault Entities and Auto-Unseal Integration for AWS and Google Cloud
SAN FRANCISCO, CA--(Marketwired - Nov 14, 2017) - HashiCorp, a leader in cloud infrastructure automation, today released HashiCorp Vault 0.9 with significant updates to both the open source and enterprise versions centered around identity and governance. Updates include an identity store to enable privileged access management across multiple identity providers, auto-unseal for AWS Key Management Service (KMS) and Google Cloud Platform (GCP) KMS, FIPS 140-2 compliance, and deeper integration with Sentinel, HashiCorp's new policy as code framework.
"HashiCorp Vault is critical in protecting and managing secrets in our highly distributed environment -- for authorization and other sensitive data," said Jay Christopherson, principal engineer, DevOps, Spaceflight. "With the addition of Vault being FIPS 140-2 compliant, it not only changes how we manage policies and access in secure environments, it adds compliance that allows us to operate securely in the federal space."
Vault is broadly used among the Global 2000 to address the challenge of infrastructure and application security in distributed environments. The Vault open source product addresses core security use cases for secrets management, encryption as a service, and privileged access management. Vault Enterprise enables teams and organizations to extend Vault with collaboration and operations features, provide governance capabilities, and scale Vault across multiple data centers.
Vault 0.9 introduces several new features and functionality to improve operations around identity and policy management:
In addition to features and improvements around identity and policy management, Vault 0.9 expands governance capabilities with Sentinel integration, HashiCorp's new policy as code framework, along with new FIPS 140-2 compliance and Seal Wrapping functionality. Sentinel integration and Seal Wrap/FIPS 140-2 compliance are both available in Vault Enterprise Premium only. Vault can now operate in environments where FIPS 140-2 encryption is required for secrets management and encryption as a service.
"With the acceleration of cloud adoption, the traditional security perimeter around infrastructure and applications is disappearing," said Armon Dadgar, founder and co-CTO of HashiCorp. "Large organizations are rethinking their approach to security and adopting Vault to provide a solution for secret management, privileged access management, and encryption as a service suited to this new world. The new capabilities in Vault 0.9 give our customers broader support across their range of technologies and clouds, deeper platform integrations, plus validation from our new FIPS 140-2 compliance."
Additionally, Vault 0.9 introduces several updates aimed at collaboration and operations in Vault Enterprise Pro:
Additional Resources
Availability
HashiCorp Vault 0.9 is generally available today. The new capabilities in Vault Enterprise 0.9 enhance the already rich set of enterprise features. Users can download the open source version of Vault at https://www.vaultproject.io. Vault Enterprise is available in two versions: Vault Enterprise Pro focuses on collaboration and operational features, like a UI for managing secrets, health monitoring, and initialization and secure bootstrapping workflows, while Vault Enterprise Premium focuses on multi-datacenter functionality and governance, with features such as HSM integration, replication, and support for Sentinel policy framework integration. For more information about HashiCorp Vault Enterprise, visit https://www.hashicorp.com/products/vault/.
About HashiCorp
HashiCorp is a cloud infrastructure automation company that enables organizations to adopt consistent workflows to provision, secure, connect, and run any infrastructure for any application. HashiCorp open source tools Vagrant, Packer, Terraform, Vault, Consul, and Nomad are downloaded thousands of times per day and are broadly adopted by the Global 2000. Enterprise versions of these products enhance the open source tools with features that promote collaboration, operations, governance, and multi-data center functionality. The company is headquartered in San Francisco and backed by Mayfield, GGV Capital, Redpoint, and True Ventures. For more information, visit https://www.hashicorp.com or follow HashiCorp on Twitter @HashiCorp.
Contact Information:
Media and Analyst Contact:
Amber Rowland
amber@therowlandagency.com
+1-650-814-4560