Venafi Monitor Engine for HashiCorp Vault
Updated Sep. 10 2020

Venafi’s HashiCorp Vault PKI-Monitor integration makes it easy to connect Vault’s credential and key management functions for enterprise-wide visibility and policy enforcement.
Business Outcomes
  • Achieve DevOps speed with simplified use of machine identities for DevOps

  • Get certificate visibility by maintaining a certificate inventory across many HashiCorp Vault instances for audit and compliance

  • Enforce security policy by ensuring all certificates are compliant with corporate security and audit policies

Integration Features
  • Forwards all certificates issued by the Vault local CA to Venafi for visibility and auditing

  • Enforces security team policies within the native Vault workflow

  • Eliminates complexity and errors by automating the certificate lifecycle

  • Enables consistent multi-cloud operations

Solution Overview

Security teams must know what to trust and what not to trust at all times to effectively protect machine identities in dynamic environments. As a result, smart policy enforcement must be automated and embedded into the tools used by application development teams. By shifting machine identity processes left into the pre-production phase and hooking directly into automated DevOps workflows, security teams can regain control over X.509 certificates in fully automated environments.

Together, Venafi and HashiCorp deliver the platforms that empower DevOps and security teams to be successful in this multi-cloud generation. Infrastructure and applications can be built, secured and connected safely and at the speed today’s DevOps teams expect. Application development teams no longer have to be concerned with the details of X.509 certificates when consuming a common service from the security team using Venafi. Security teams maintain smart policy enforcement so their compliance and threat protection responsibilities to the business and customers are always met.

As a common service across clouds, HashiCorp delivers consistent workflows to provision, secure, connect, and run any infrastructure for any application. Venafi integrates with HashiCorp to protect machine identities by delivering visibility, intelligence and automation for X.509 certificates. Venafi also seamlessly makes available a rich ecosystem of more than 40 certificate authorities from within HashiCorp modules, making both private and public trust certificates easy to consume.