Coming October 25: PeerSpot Awards will be announced! Learn more

HashiCorp Vault OverviewUNIXBusinessApplication

HashiCorp Vault is #4 ranked solution in top Enterprise Password Managers. PeerSpot users give HashiCorp Vault an average rating of 8.0 out of 10. HashiCorp Vault is most commonly compared to Azure Key Vault: HashiCorp Vault vs Azure Key Vault. HashiCorp Vault is popular among the large enterprise segment, accounting for 70% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 19% of all views.
Buyer's Guide

Download the Enterprise Password Managers Buyer's Guide including reviews and more. Updated: September 2022

What is HashiCorp Vault?

HashiCorp Vault is an encryption and secrets management system that is identity-based. When there is a portion of data that an organization wants to maintain confidentiality and control securely, it is considered a “secret.” These include such data as certificates, API encryption keys, passwords, and more. HashiCorp Vault creates complex encryption processes that are secured by additional authorization and authentication protocols. The solution will provide comprehensive restricted access to secrets and other confidential data via HashiCorp Vault’s HTTP API, CLI, or UI. The data is auditable and is stored securely.

Today’s organizations depend upon a plethora of secrets to function effectively. It is therefore imperative that organizations securely control who has access to secrets and other data. HashiCorp Vault is a custom solution that can make the challenging process of securing even the most platform-specific storage easier, and adds detailed audit logs to lock it all down and keep the data safe.

HashiCorp Vault Features

  • Data encryption: The solution is capable of encrypting and decrypting data, and will not store it. Organizations’ security personnel define their own encryption protocols; developers can store the encrypted data where they choose and are not obligated to design specific encryption processes.

  • Robust secrets: For systems such as AWS or SQL databases, Vault is able to generate secrets automatically. HashiCorp Vault is able to generate AWS keypairs with all the appropriate permissions when necessary, and when the approved time expires, will nullify them.

  • Secure secret storage: Any type of value or key secrets can be stored in the Vault. The Vault automatically encrypts the desired secrets before recording them into persistent storage, keeping them safe and secure. Users can record data using HCP Vault’s Consul service or disk, or choose from other options.

  • Nullification: Vault is able to nullify single secrets or all secrets from a particular group or specific user. This process is integral in securing systems in the event of an attack or inappropriate access.

Reviews from Real Users

The greatest benefit of HashiCorp is its ability to manage encryption on the fly. It provides encryption of data at rest, in use, in transit, on the fly, and linked with applications, which was really attractive. The lifecycle of a key is so easy to manage in terms of rotating, revoking, and issuing. They have different auth methods, and I tried all different auth methods. It is seamless.”- Project Manager at a comms service provider.

“The most valuable feature of HashiCorp Vault is that it's an open source solution. Second, it's cloud-agnostic, so it's very easy to maintain and control, which is why we prefer HashiCorp. “ - Mohamed A., Lead DevOps Engineer at Etisalat.

HashiCorp Vault Customers

Adobe, SAP Ariba, Citadel, Spaceflight, Cruise

HashiCorp Vault Video

HashiCorp Vault Pricing Advice

What users are saying about HashiCorp Vault pricing:
  • "It could do everything we wanted it to do and it is brilliant, but it is super pricey. To be fair to HashiCorp, we drove the price up with our requirements around resiliency. Because of the nature of our company, we don't really operate in the cloud."
  • "The AWS version is much cheaper than HashiCorp Vault."
  • HashiCorp Vault Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Project Manager at a comms service provider with 201-500 employees
    Real User
    Top 20
    Provides the ability to manage encryption on the fly, has multiple authentication methods, and makes it easy to manage the lifecycle of a key
    Pros and Cons
    • "We were using it because we have compliance requirements around secret management. Having a secure vault and encrypting data was an additional requirement. When we looked at it first, we were just looking for a vault, like a lockbox. The greatest benefit of HashiCorp is its ability to manage encryption on the fly. It provides encryption of data at rest, in use, in transit, on the fly, and linked with applications, which was really attractive."
    • "In terms of features, the only thing that I found a little bit hinky was that there was no revocation or deletion on the model we were using. Once in a financial year, a client interacts, and you pay for that client for the year. So, there are just little things like that in the pricing. There should be more clarity around the end of the key. I know there is no system like this. They all are the same. I tested Microsoft, Google, and some others, and none of them really want you to delete a key, which makes sense. You delete a key, and you lose everything that it has wrapped or encrypted, but it's actually just a language. Deletion isn't really deletion. It's really revocation, but overall, HashiCorp Vault ticked all the boxes for us, and I couldn't fault it."

    What is our primary use case?

    We're a VoIP service provider, and we have a lot of particular requirements. Whatever we use must have a RESTful API. We also have very particular requirements around our backup, logging, and key lifecycle. That's because we have an American parent, who applies a lot of niche standards. My parent company is a big client of theirs. So, the overall group engages HashiCorp. It has gotten to the point where they actually reference HashiCorp as the tool of choice.

    I ran a really detailed proof of concept for our business for six months. I got from HashiCorp one of their premium licenses, and we ran a test of it for six months,  but it is not in use at the moment.

    We were using it for an on-prem implementation. I personally tested the HashiCorp cloud (HCP) on my personal laptop. I tested the premium version, which is the binary download, but it doesn't allow you to do clusters. It was a very limited use case, but we needed something on-prem. We are all on-prem. We don't operate in the cloud. So, we needed something to work with our on-prem setup. So, we weren't not doing a trial of the cloud version.

    How has it helped my organization?

    It was very easy to use. They've got multiple authentication methods, and because everything has a RESTful API, and my whole system is built on API, it would've worked fabulously for us.

    What is most valuable?

    We were using it because we have compliance requirements around secret management. Having a secure vault and encrypting data was an additional requirement. When we looked at it first, we were just looking for a vault, like a lockbox. The greatest benefit of HashiCorp is its ability to manage encryption on the fly. It provides encryption of data at rest, in use, in transit, on the fly, and linked with applications, which was really attractive. 

    During the PoC, I played with every format. I played with the cloud, and I played with the small binary. I played with the enterprise license, and you can't fault it. It is seamless. The lifecycle of a key is so easy to manage in terms of rotating, revoking, and issuing. They have different auth methods, and I tried all different auth methods. It is seamless; it is beautiful, but it has got a price that matches that.

    What needs improvement?

    Its cost can be improved. It is really pricey, but to be fair, it did everything that we wanted it to do. Because of our requirements for high availability, redundancy, and resiliency, we needed a lot of clusters and a lot of nodes. We needed a massive architecture and the price of it was so inhibitive. It was going to cost us over a quarter of a million a year.

    In terms of features, the only thing that I found a little bit hinky was that there was no revocation or deletion on the model we were using. Once in a financial year, a client interacts, and you pay for that client for the year. So, there are just little things like that in the pricing. There should be more clarity around the end of the key. I know there is no system like this. They all are the same. I tested Microsoft, Google, and some others, and none of them really want you to delete a key, which makes sense. You delete a key, and you lose everything that it has wrapped or encrypted, but it's actually just a language. Deletion isn't really deletion. It's really revocation, but overall, HashiCorp Vault ticked all the boxes for us, and I couldn't fault it.

    Buyer's Guide
    Enterprise Password Managers
    September 2022
    Find out what your peers are saying about HashiCorp, Microsoft, CyberArk and others in Enterprise Password Managers. Updated: September 2022.
    632,611 professionals have used our research since 2012.

    For how long have I used the solution?

    I ran a proof of concept on HashiCorp for six months earlier this year on one of their premium licenses. We were doing a proof of concept to see whether it suited our business.

    What do I think about the stability of the solution?

    Its stability is excellent.

    What do I think about the scalability of the solution?

    Its scalability is out of this world.

    How are customer service and support?

    I never needed to contact their technical support. We were a potential client, and they were setting up meetings, and I was raising stuff with them. They were catching it beforehand. Their customer support is quite incredible, even when you're just discussing purchasing it from them. We needed to do an integration with our native apps, which are built with Python, and they were giving us people who have done integrations with Python apps. They were going to send people to us to manage it for us. They go above and beyond.

    Which solution did I use previously and why did I switch?

    We're currently using something so basic. We're a smaller outfit, and we didn't really have the security posture of our parent company. So, it is a big rush to meet that, but currently, we're just using Ansible Vault because that's the tool used by our network and infrastructure team. We're trying to get a little bit of integration. We're trying to get secrets out of config files for now. It is a very incremental approach, and we're just taking baby steps until we get to a point where we can re-engage with someone from HashiCorp and maybe use the cloud offering or a more flexible pricing model. Ansible Vault is super basic now with a very reduced scope.

    How was the initial setup?

    It was very straightforward. With an enterprise license, we were getting a lot of support because it was a potential big sale client. Our parent company is an important existing client of Hashicorp. They are one of their biggest clients. So, we got a lot of hand-holding, but personally,  I did a trial of the cloud on my own laptop, and it was very easy. I spun it up in 20 minutes.

    What's my experience with pricing, setup cost, and licensing?

    It could do everything we wanted it to do and it is brilliant, but it is super pricey. To be fair to HashiCorp, we drove the price up with our requirements around resiliency. Because of the nature of our company, we don't really operate in the cloud. Our cloud presence is a couple of VMs. We're not even a hybrid. We don't have a public cloud. As we mature and as we're moving in the cloud direction, it would possibly be a lot cheaper because we'd just be paying for what we're using. That price was for a future-proofed quote of where we will need to be in three years. What we were looking for was colossal. We wanted redundancy clusters, multiple nodes, and multiple validations. It was a global reach, and it was a lot. It was going to cost us over a quarter of a million a year. I was quite frankly shocked. It is a lot of money. I know that we drove it up, and we were getting a lot for that. If we had more flexibility to go into the cloud, it would probably be a lot cheaper.

    My parent company did say that the pricing model changed this year and the price went up. They seem to be bringing themselves in line with general Microsoft pricing. Because HashiCorp has a free version, a lot of people were just using the free version and getting by on it, but if you want to have clusters and the scalability to have more clusters, you will have to upgrade.

    They do have different licenses, but they are very closed about their pricing. I was three months into the PoC before I could get a price. They don't offer it, and they don't lead with it. It is probably because it is very bespoke.

    We wanted it to do so many things, and that's why it was so pricey, but even to take it down, they have some confusing terms. They've got fixed costs, but there is a cost per client, and I found the definition of client fuzzy. So, you pay a certain price for every client that interacts with the vault or with HashiCorp, but what they call a client is quite loose. You could get up to a lot of clients very quickly. There are some elements of the pricing that I wouldn't be super keen on.

    Which other solutions did I evaluate?

    We did a lot of trialing across. I did a big piece of work and went through a lot of literature reviews and looked for all the available offerings. I looked at over 60 offerings in the market and whittled them down by my specific requirements. I got down to a list of four and applied more requirements to that, and HashiCorp was a clear standout. That's why we went into a PoC with them, and they didn't disappoint. It is the best in the market. It is just the price, but I know that we were pushing up the price because our requirements were possibly a little bit dated. If I had more cloud presence and used their cloud version, it would probably make a lot more sense for us as a business. We're going through a big change at the moment. So, maybe in a year's time, we'll go back to them and take their cloud offering.

    What other advice do I have?

    I would rate it a nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Cloud Architect
    Real User
    Free to use and simple to navigate but has a complex setup
    Pros and Cons
    • "The interface is very simple to navigate."
    • "The technical support was hard to get a hold of and lacking in service."

    What is most valuable?

    The integration with other HashiCorp tools is very, very good. 

    The solution is free to use.

    The interface is very simple to navigate.

    What needs improvement?

    We found that Microsoft Azure Vault is better due to the fact that it has integration with all of the Azure services.

    It would be better if it integrated more broadly with cloud API such as Amazon Web services, et cetera. 

    The error handling could be a bit better. 

    The technical support was hard to get a hold of and lacking in service.

    The initial setup could be simplified. 

    For how long have I used the solution?

    I have used the solution for two years. the last time I used the solution was at my old company and that was about a year or so ago. 

    How are customer service and technical support?

    We didn't deal too much with technical support.

    Largely, we would do any repairs by looking at the documentation on our phones. They never came to the office for technical support.

    They could improve their services. For example, in the case of Microsoft, you can easily create a ticket and within an hour or two get a response. When you are working with the cloud, more frequent responses are important. With this solution, we didn't even know how to initiate asking for help. We'd try to create a ticket and found that getting help would take a very long time. That's why we ended up doing our own research. We'd look at videos and work at debugging manually. 

    I wouldn't say that we were satisfied with the level of suppirt.

    How was the initial setup?

    The initial setup is a bit complex. 

    There are two ways to set up the solution. One was with the cloud in production, where we were using integration with the cloud. Cloud account. In that case, sometimes, it requires tracking errors, which comes while integrating the cloud. That was the main problem. We mostly do our manual recheck and look for any issues via diagnosis logs. The error handling could be better.

    What's my experience with pricing, setup cost, and licensing?

    I wasn't involved in licensing, although it is my understanding that many of HashiCorp products are free of cost. There are premium services you could purchase, however, our organization only used the free versions. 

    What other advice do I have?

    My previous organization was using this solution, whereas the current organization I work for is not. This is due to the fact that we work on multiple projects. We are a research team, and the delivery team does the implementation. We just propose solutions to clients based on their particular requirements. We tend to use many different solutions and tools at this company.

    I'd rate the solution at a six out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Enterprise Password Managers
    September 2022
    Find out what your peers are saying about HashiCorp, Microsoft, CyberArk and others in Enterprise Password Managers. Updated: September 2022.
    632,611 professionals have used our research since 2012.
    Mohamed Anees - PeerSpot reviewer
    Lead DevOps Engineer at Etisalat
    Real User
    Top 5Leaderboard
    An open source and cloud agnostic solution
    Pros and Cons
    • "The most valuable feature of HashiCorp Vault is that it's an open source solution. Second, it's cloud agnostic, so it's very easy to maintain and control, which is why we prefer HashiCorp."
    • "I don't think there are any major improvements required—so far, so good. However, I think that having more training materials, such as videos, and documentation available would be helpful. I would prefer to have more videos available either on the official site or on YouTube."

    What is our primary use case?

    One of our primary use cases of HashiCorp Vault is security, to keep things secret. Instead of going for any particular cloud-based solution, this is cloud agnostic. We can go for any cloud solution when we have a hybrid solution in place, so Vault is always recommended for it. 

    This solution is cloud-based. 

    What is most valuable?

    The most valuable feature of HashiCorp Vault is that it's an open source solution. Second, it's cloud agnostic, so it's very easy to maintain and control, which is why we prefer HashiCorp. 

    What needs improvement?

    I don't think there are any major improvements required—so far, so good. However, I think that having more training materials, such as videos, and documentation available would be helpful. I would prefer to have more videos available either on the official site or on YouTube. 

    For how long have I used the solution?

    I have been using this solution for less than a year. 

    What do I think about the stability of the solution?

    This solution is stable. 

    What do I think about the scalability of the solution?

    This solution is scalable. 

    There are less than 10 people in our organization using HashiCorp Vault. We have plans to increase our usage. 

    How are customer service and support?

    I have never contacted HashiCorp support directly because, so far, I haven't had to. 

    Which solution did I use previously and why did I switch?

    We have also used similar cloud-based solutions. AWS and Azure are promoting their own solutions, which we have used before. 

    How was the initial setup?

    The installation was very straightforward. It didn't take more than one hour. We did it ourselves and the documents are very clear and helpful, so it was fine. For deployment and maintenance, we had a team of five engineers. 

    What about the implementation team?

    We implemented this solution through an in-house team. 

    What other advice do I have?

    I rate HashiCorp Vault a nine out of ten. 

    The goal is to move towards open source, so it's always good to have a cloud agnostic-based solution. This is why our organization is always goes with a hybrid solution, which doesn't depend on any single cloud provider—it's always good to look for cloud agnostic solutions. In that view, I think that HashiCorp solutions are very, very acceptable. 

    Which deployment model are you using for this solution?

    Hybrid Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    RamanaBhavaraju - PeerSpot reviewer
    Founder & Principal Architect at NCompas Business Solutions Inc.
    Real User
    Top 5Leaderboard
    A secure solution for storing secrets
    Pros and Cons
    • "It can still be configured by a separate team other than developers. That's why I think it's more secure."
    • "We could use more documentation, primarily to do with integrations."

    What is our primary use case?

    Primarily, we use this solution for the secret management side of things. Initially, we were using Azure Key Vault, but we kind of shifted to HashiCorp Vault because we are using Terraform scripts, etc. We needed a common storage mechanism.

    How has it helped my organization?

    It's kind of technical, but when we were using Azure Key Vault, it was more driven towards applications. Our developers were exposed to those secrets and everything, but there were some things we didn't want our DevOps team to be exposed to. This is where the Hashi Key Vault helps. It can still be configured by a separate team other than developers. That's why I think it's more secure.

    What needs improvement?

    We could use more documentation, primarily to do with integrations. Anybody who uses HashiCorp integrates with a public cloud, like Azure or AWS. Azure and AWS have their own secret management; how does this collaboration work between the key vault of HashiCorp to the key vault of Azure? Some of this documentation is not up to mark.

    For how long have I used the solution?

    I have been using this solution for slightly more than one year. 

    What do I think about the scalability of the solution?

    This solution is both scalable and stable.

    How are customer service and technical support?

    The technical support is pretty good.

    What other advice do I have?

    Be careful about how you structure your Terraform scripts. You should probably start off with some examples already given by HashiCorp before you begin implementation. Once you've gone too deep, it's difficult to factor things in and out of it. Carefully read the documentation right from the get-go.

    Overall, on a scale from one to ten, I would give HashiCorp Vault a rating of eight.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Microsoft Azure
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Ruwan Senarathne - PeerSpot reviewer
    Technical Lead at Fortude.co
    Real User
    Offers the ability to share tokens and leasing
    Pros and Cons
    • "The solution is stable. It has been working perfectly without any problem."
    • "The solution could be much easier to implement."

    What is most valuable?

    The most valuable features are the ability to share tokens and leasing.

    What needs improvement?

    The solution could be much easier to implement. We are trying to implement it now. 

    For how long have I used the solution?

    I've been working with the solution for about one and a half years.

    What do I think about the stability of the solution?

    The solution is stable. It has been working perfectly without any problem.

    How are customer service and support?

    We went with the opensource version, so we did not get enterprise support.

    Which solution did I use previously and why did I switch?

    Previously, we had just a simple key-value store use case. Then it came into the users sharing their password across the company and using it for the deployment. That is the reason we moved up to the HashiCorp Vault. 

    If it's just simple things, I'll go with the AWS Secrets Manager. But since we have additional requirements, that is the reason for looking at HashiCorp Vault.

    What's my experience with pricing, setup cost, and licensing?

    We are using the open-source version. At the moment, our cost is basically the engineer's work time and the infrastructure costs. But compared to the AWS Parameter Store, the AWS version is much cheaper than HashiCorp Vault.

    What other advice do I have?

    I would rate Vault an eight out of ten because of the recurrent requirement.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Download our free Enterprise Password Managers Report and find out what your peers are saying about HashiCorp, Microsoft, CyberArk, and more!
    Updated: September 2022
    Buyer's Guide
    Download our free Enterprise Password Managers Report and find out what your peers are saying about HashiCorp, Microsoft, CyberArk, and more!