HashiCorp Vault Reviews & Product Details

HashiCorp Vault Overview

What is HashiCorp Vault?

HashiCorp Vault enables organizations to securely secure, store, and tightly control access to tokens, passwords, certificates, and encryption keys for protecting secrets and other sensitive data across multiple clouds. Vault secrets management centrally manages and enforces access to secrets and systems based on a trusted a trusted source of application and user identity. Governance features enable security teams to control these identities for different teams. Additionally, Vault handles multi-datacenter replication and disaster recovery so you can maintain continuous and agile application delivery.

HashiCorp Vault Details
Languages Supported
English
Product Description

HashiCorp Vault is a tool that secure user applications and infrastructure to limit the surface area and attack time in the event of a breach


Seller Details
Seller
Hashicorp
Company Website
Year Founded
2012
HQ Location
San Francisco, CA
Twitter
@hashicorp
65,619 Twitter followers
LinkedIn® Page
www.linkedin.com
1,150 employees on LinkedIn®
Show More

HashiCorp Vault Screenshots

Answer a few questions to help the HashiCorp Vault community
Have you used HashiCorp Vault before?
Yes

HashiCorp Vault Reviews

Write a Review
Filter reviews
LinkedIn®
Connections
Popular Mentions
Showing 30 HashiCorp Vault reviews
Popular Mentions
Showing 30 reviews
Filter Reviews
Filter Reviews
Sort by
Ratings
Company Size
User Role
For Category
All Industries
Region
Already have HashiCorp Vault?
Write a Review
Cloud Platforms Engineer
Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: G2 Gives Campaign
What do you like best?

Simple installation in a single binary. Adapt tokanization concept in whole process of the product. Support IaC approach to deploy the whole product and service. Robust plugin architecture enable integrate with other solutions too. In build integration of most famous cloud make vault a perfect match to manage cloud as well as onprems . On other hand vault work on standard set of API which can manipulate easily without any dependency. This will make the product highly customization and put change management on a automated workflow. Hashicorp do a nice job by making the vault OSS version and free of charge learning materials with ongoing community developments. Review collected by and hosted on G2.com.

What do you dislike?

Inconsistency of command and it is parameters make us confuse. They should have a standard on this. The documentation is there but not up to date. Most of the configuration example are missing. It is not cut and clear how we integrate the vault in day to day work for immature user. Hashicorp should think about this and improve the lack of up to date documentation. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Your first impression will make think you it is a simple tool. But it's UI just tip of the iceberg. Explore more in API and CLI, think more in automation & secure manner to see the correct picture Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Securing the identity, access levels, manage rotatable secrets in devops workflow and implement encryption too in a single trusted authority. The dynamic secrets in the vault is a top graded feature in terms of securing sensitive data in SCM and logs. The automated token rotation is very helpful. Vault solve very common and critical problems like encryption, data masking, token validation and least privileges in one place without any additional tolls. Review collected by and hosted on G2.com.

Show More
Show Less
AI
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Rich set of options to control access (policies, groups), rich set of authorizations for users (e.g. oidc, leap) and for apps (kubernetes, approle).

Versioned KV storage for secrets.

Dynamic passwords for databases and etc. Review collected by and hosted on G2.com.

What do you dislike?

Open Source version does not have replication of any kind.

Premium version has replication and disaster recovery, but replication sometimes has issues under big load.

Even in Premium version, you can find bugs. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Follow the guidelines provided by HashiCorp. IF you have a premium version - don't hesitate to ask for a review of your setup. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Centralized secrets storage for the whole organization. Integration with cloud, on-prem, and kubernetes. Dynamic passwords management for databases. Review collected by and hosted on G2.com.

Show More
Show Less
Small-Business(50 or fewer emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

It has both cli and rest endpoints to manage secrets at one place. Along with secret management it provides other features like audit for secret access Review collected by and hosted on G2.com.

What do you dislike?

Documentation is not up to mark, some more improvement in documentation can lower the entry barrier for users Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

To generate and manage our single sign in tokens for applications Review collected by and hosted on G2.com.

Show More
Show Less
Systems Engineer
Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

Personally and Professionally.. So, far i think the best thing i like about the Vault product is secure secret storage for API Keys and dynamic secrets. Also, the sheer fact that we can also utilize this as our CA aka Certificate Authority is huge and extremely awesome! Besides that, we're enabling Docker/Kubernetes access via Vault, and this is a huge breakthrough for us as an organization that is redefining a lot of things in our industry, especially in IoT. Review collected by and hosted on G2.com.

What do you dislike?

I don't really dislike anything. However, if i had to specify one specific thing, i would have to say large data encryption. But, due to my limited knowledge i can't truly say it's a dislike. It's just taken some work with my minimal knowledge to get applications setup properly to encrypt all their data types and then storing it in specific locations. Please do not take this "Dislike" the wrong way though. This product works great in many scenarios and i have no regrets thus far either way. It's not a dislike per say, just a learning curve for some of the typical use cases.. but is still coming along just fine for us overall. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Do your research but i highly recommend you AT LEAST evaluate HashiCorp Vault. Read up on it, do an implementation and at least one integration with something you already utilize in the cloud or on-prem and the product will start to speak for it self.. Honest to god truth! Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

We're solving a lot of problems.. secure storage of every type of secret you can imagine, from API keys, to encryption, to ssl certificates, and more. Dynamic secrets that the vault software generates on the fly is terrific! We can have on-premise applications access S3 style storage objects within Amazon Cloud (AWS) and within our own CEPH cluster. We also accomplish SQL Database access for various compliance reasons now with Dynamic Secrets that HashiCorp Vault gives us the ability to do, better than any other software i have utilized to date. Docker Access Rights. Centralized managed. Automated certificate generations, and still, i could go on and on (literally)! This software package overall is allowing us to accomplish so many things with one single point of management overall; i.e. PKI aka Public Key Infrastructure in across the board for our infrastructure and users (especially our development teams). Review collected by and hosted on G2.com.

Show More
Show Less
AA
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Organic
Business partner of the seller or seller's competitor, not included in G2 scores.
What do you like best?

Secret as a Service (Dynamic secrets) and flexibility.

Good integration with multiple authentication provider. Good varities on Dynamic secrets and can be used with Encryption as a Service.

The installation and configuration is very easy. We can up and running a cluster in 1 day.

The rolling update is easy and we can quickly add more cluster nodes if needed. Review collected by and hosted on G2.com.

What do you dislike?

Vault integration with project is leak.

We have one side the Vault agent, and other side the Consul template or envconsul. For example, envconsul didn't work with Vault agent auto-auth token.

It's hard sometime to use Vault because projects don't want (or haven't budget for) to develop Vault code lines integration.

The Vault UI is very basic. Some actions can't be done with the UI. Add more UI features for administration facilities.

Dynamic secrets is great but some time legacy application couldn't not use it. Should be great to have static secret with specific hook trigger to rotate password. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

The most complicated part to start with Vault is to make all roles for any entity and to do the policies matching. In big companies, it's can be hard and take a lot of time. Starting with "Who will do What" is cost saving. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Security needs in Cloud environment.

Projects migration from intranet to cloud to solve security issue with very sensitive data.

One tool for any environment (multi-cloud, intranet, etc).

Vault is used to add security in cloud like intranet and having control to encryption keys. Review collected by and hosted on G2.com.

Show More
Show Less
AR
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Organic
What do you like best?

Different method of authentication! Many engines with unique capabilities. Good integration with other Hashicorp products. Compatible with all the modern tools. Cloud friendly!

It is easy to test features by just running the dev server on your local machine. Vault uses resources very efficiently so it does not require large servers. Review collected by and hosted on G2.com.

What do you dislike?

Implementing Vault properly in an organization is a bit challenging since the tool can do many things in many different ways and you should make sure you setup your workflows properly to be able to scale easily. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Make sure you put sometime to layout paths, naming conventions , policies before you going to production with Vault.

Make sure you check in all the configuration in VSC and use tools like Terraform to run them.

Vault is a very powerful tool! Start using it if you have not already! Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Secret management,

PKI as a Service,

Consul ACL token lifecycle management,

Nomad ACL token lifecycle management, Review collected by and hosted on G2.com.

Show More
Show Less
Head of Research and Development
Computer & Network Security
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Organic
What do you like best?

I like the product and its working. It's quite easy to setup and start using effortlessly. There are very good enough documentations and tutorials on the internet to use vault precisely to meet your requirements. And it has almost all of the functionality you can expect from a secrets management product. Review collected by and hosted on G2.com.

What do you dislike?

I am very satisfied with the product. But I am not sure about the service. I wanted a demo and quotation of their product - So I did fill up the form for getting started with vault enterprise. I did not receive any sort of communication email from them - regarding the product or the demo. After I filled up the form - It did say that a demo will be provided. Still waiting for the same. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

HashiCorp Vault is a very good product. Only I am not sure about the support and communication - If it's only me being ignored or it's same for most of us. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

We needed a password management product to use in our company. As we are using AWS and other products which require proper secrets management - It did fulfil all our requirements. And features like leasing & renewal, dynamic secrets, revocation are extremely useful(which we did not think of earlier). Review collected by and hosted on G2.com.

Show More
Show Less
System Admin
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Organic
What do you like best?

Vault is lightweight and easily installable.

The possibility of high availability.

Terraform integration with own resources.

Simple Web UI

API driven access/manage, could integrate with other software. Review collected by and hosted on G2.com.

What do you dislike?

The high learning curve.

Maybe the lack of an officicial Ansible Module (not only a Lookup Plugin) Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Test Vault in Dev mode (in a Docker instance for example) and switch into production using it for every secret you have in code. Vault must your new front door, now. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Vault has solved the problem of sharing passwords and AWS credentials. Now the code of Terraform could be safe in the Git repository. A vault it's easily up with Ansible. Review collected by and hosted on G2.com.

Show More
Show Less
UI
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Several basic functionalities that I found the best in it is its ability to create useful folders for my ease that helps me to find my particular document within just seconds. Moreover, the search bar of the software helps in finding the data and even the content present in it which is quite delightful and easy-going. Furthermore, it helps me to maintain a large amount of data at one single place with a full secure system. Password maintaining ability of this particular application is the best because it enables me to safely secure my passwords at one single location without a need of remembering them. Review collected by and hosted on G2.com.

What do you dislike?

The product has different useful features that are effective to maintain a large amount of load into a specific way. Moreover, creating useful sections for particular type of document is the best feature in it. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

I would really prefer this software on others because it helps me in an efficient way that keeps my data fully secure and safe at one certain place. Moreover, the affordability of the product is so much enhanced that it could be affordable by every type of organization regardless of their resources and size as well. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

HashiCorp is data security software that keeps my data fully safe and secure from all the outside threats. Moreover, it helps me securely saving data with a facility of tightly control access to tokens, certificates, passwords and encryption keys that is effective enough to keep data safe and secure at specific platforms. Apart from this it has various features that helps in central management and also these functions are enough capable of enforcing access to secrets and systems that are based on trusted control applications. Review collected by and hosted on G2.com.

Show More
Show Less
System Administrator
Information Technology and Services
Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Organic
What do you like best?

Central place to store and manage secrets. consistent and reliable. Review collected by and hosted on G2.com.

What do you dislike?

Steep learning curve, but it's very usable once you get it up and running. Just tackle one small piece at a time. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Make use of Hashicorp's learing docs as well as any user group you can find for Vault Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

automating and securing our internal certificate process. also storing secrets in vault instead of in metadata. Review collected by and hosted on G2.com.

Show More
Show Less
Lead Solutions Architect
Information Technology and Services
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Organic
What do you like best?

Vault is super flexible, and helps you implement from simple secrets management to dynamic credentials and a series of other operations with data encryption. Review collected by and hosted on G2.com.

What do you dislike?

Flexibility sometimes comes at the cost of complexity, implementing and managing Vault is not for the faint of heart. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

A steep learning curve shouldnt deter you from using this. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Secure access to secrets for kubernetes workloads, dynamic credentials.

Once the initial setup is done, its easy for users to input secrets and make use of dynamic credentials in their apps. Review collected by and hosted on G2.com.

Show More
Show Less
Senior System Engineer
Banking
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Organic
What do you like best?

we use vault for security it really responde to our needs. Review collected by and hosted on G2.com.

What do you dislike?

I would like to have an ocsp function for this Review collected by and hosted on G2.com.

Recommendations to others considering the product:

first all this about roles, policies and make tests to be sure about what tokens can do. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

générate certficates and store secret are very slow before, now it is possible in less then 10 secondes. Review collected by and hosted on G2.com.

Show More
Show Less
CF
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Organic
What do you like best?

- I can trust that vault will keep my data secure with minimal management overhead from my team

- Simple Interface to review my key values

- Simple to use API's Review collected by and hosted on G2.com.

What do you dislike?

Longer ramp up period for teams across the organization to use. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Read all of the documentation! It is extremely helpful in getting started and training your employees to effectively implement Vault Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

- Secure KV store for database credentials with Dynamic rotation Review collected by and hosted on G2.com.

Show More
Show Less
AS
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Organic
What do you like best?

Integration with Terraform was seamless. Review collected by and hosted on G2.com.

What do you dislike?

Web UI was lacking, and featureset for user secret management would be great to add. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Great product, with a few user features still to come to compete with the likes of CyberArk and Secret Server. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

We would like to leverage the dynamic secret function, with a focus on just in time authentication and short-lived access keys. Review collected by and hosted on G2.com.

Show More
Show Less
UC
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Organic
What do you like best?

Vault provides a number of methods for manage and securing information ranging from certificates to ssh keys and passwords, provides HA capabilities and an easy to use web ui Review collected by and hosted on G2.com.

What do you dislike?

Some of the back end management is difficult to script. Certificates are stored via token making it hard to audit with out some work Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Password management, key rotation, dev facing ca server Review collected by and hosted on G2.com.

Show More
Show Less
AC
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Organic
What do you like best?

High availability even in the free version (with consul backend) Review collected by and hosted on G2.com.

What do you dislike?

The deployment in enterprise environment is not the smoothest, but it works fine anyway. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

We are solving the problem of having credentials stored in git. Review collected by and hosted on G2.com.

Show More
Show Less
UC
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Organic
What do you like best?

Great for secret storage and access control of users/team with policies Review collected by and hosted on G2.com.

What do you dislike?

Docs and real-life scenarios are not quite the same. The google page with QA is more helpful Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Secret storage

Access control Review collected by and hosted on G2.com.

Show More
Show Less
UM
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

- Highly reliable authentication mechanism

- It offers a seamless access to store & retrieve sensitive data

- The APIs to read & write secrets in vault are quite useful Review collected by and hosted on G2.com.

What do you dislike?

- Deploying this tool could be difficult for a newbie

- Functionality of Randomize token / password generation should also be provided Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Vault, the name itself is self explanatory, a great tool to store secrets. This tool is used to store and retrieve sensitive data in my company & one can easily rely on the authentication mechanism provided by the tool. Review collected by and hosted on G2.com.

Show More
Show Less
Office Worker
Internet
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

This simplicity. Whether it's the HTTP API you use to write/read secrets, their amazing CLI toolEase of installation and use. The process was a simple download and works with brew install. Review collected by and hosted on G2.com.

What do you dislike?

I would like to have a more portable light-weight solution for using on nodes.Manually unseal when all the vault servers are sealedDifficult to setup to work with a production/staging environment out of the box. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Secure storage of secret of the product platform.easy to implement middleware in our existing app and microservices Review collected by and hosted on G2.com.

Show More
Show Less
AE
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

I like that I can trust my data is kept secure and not at risk of being hacked. I trust the company that it's working. It's easy to use interface also helps and makes this a worthwhile product Review collected by and hosted on G2.com.

What do you dislike?

I dislike the fact that I need to use a service like this, but thats not on the company at all. I'm glad there are companies out there that help with problems like this Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Keep on keeping our stuff secure Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Ensure accounts are secure, passwords are private and our clients data can't be accessed by anyone with our credentials Review collected by and hosted on G2.com.

Show More
Show Less
CEO & Co-Founder
Computer Software
Small-Business(50 or fewer emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

- A highly reliable authentication mechanism

- Easy to use Apis and clients

- Great for GDPR compliance

- Supported and maintained by an official company Review collected by and hosted on G2.com.

What do you dislike?

Nothing, it's a greqat product that is free to use Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

We're using Vault to improve our security and stay GDPR compliant Review collected by and hosted on G2.com.

Show More
Show Less
Manager
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

It was helping in creating a site where people could access thing very easily and work together Review collected by and hosted on G2.com.

What do you dislike?

It was little hard to get used to at first Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

It helped us have better security and grow as a company Review collected by and hosted on G2.com.

Show More
Show Less
UC
Small-Business(50 or fewer emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

It keeps our sensitive date and credentials out of our repositories Review collected by and hosted on G2.com.

What do you dislike?

It's not the cheapest option in the market Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Git it a try! I'm sure it won't let you down Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

I want to keep our sensitive data and credentials out of repositories. HashiCorp Vault helps to accomplish that by keeping these sensitive data in a vault and injecting them as environment variables Review collected by and hosted on G2.com.

Show More
Show Less
UI
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Vault is perhaps the most commonly heard name in secret storage for infrastructure these days.

I like:

1)Multi-factor authentication

2)BYOK

3)various secrets type support

4)resilience as design Review collected by and hosted on G2.com.

What do you dislike?

I compared Vault Key Management System with Torus. And yes, we can use Vault Key Management or Torus for connectors authentication tokens. But it leads us to create reliable and resilience the Key Management System. It was approved and we have already created a task for a Vault Key Management investigation. Currently, there is an explosion of tools that aim to manage secrets. For the first glance, Torus has a poor functionality in support of multi-factor authentication (and so on). Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Access to production cloud instances

API tokens distribution for external integrations Review collected by and hosted on G2.com.

Show More
Show Less
UC
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Secure. Plenty of available clients for it. Works well in a non-monolithic architecture. Review collected by and hosted on G2.com.

What do you dislike?

Fairly complex when compared to something like AWS KMS. Requires a bit of setup. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Storing secrets and credentials in a secure manner for distributed architecture. Review collected by and hosted on G2.com.

Show More
Show Less