DevOps Rob
    DevOps Exchange London March 2022

    Centralising your secrets management platform and Identity Provider is an essential part of adopting a Zero Trust mindset, but one of the biggest challenges facing DevSecOps Engineers and Developers in this new paradigm is how systems and applications can get that initial secret that grants access to the secrets management platform. This is commonly referred to as Secret Zero and can’t be stored in plaintext in the application code due to the high risk of exposure.

    March 25, 2022
    Part 1 | Zero Trust Security (ZTS) with HashiCorp and Azure: Automating Secrets Management

    In Part 1 of 2 of our HashiCorp series, Rob Barnes from HashiCorp will discuss how you can leverage identity-based AuthN to Vault using Azure Active Directory and learn why centralising identity management at scale is critical to implementing Zero Trust Security (ZTS).

    December 21, 2021
    Part 2 | Zero Trust Security (ZTS) with HashiCorp and Azure: Automating Secrets Management

    In Part 2 of 2 of our HashiCorp series, Rob Barnes from HashiCorp is back to discuss why a key component for zero trust security (ZTS) is reducing secrets sprawl for machine-to-machine authorization. Hear from Rob to learn about using dynamic secrets generation for Azure Resources with Vault.

    December 21, 2021
    Workload authentication to HashiCorp Vault with Azure IMDS and managed identity

    In this episode, Rob Barnes from HashiCorp is back to show practitioners how to enable and configure the Azure auth method in HashiCorp Vault, as well as how applications hosted on Azure VMs can authenticate using a combination of managed identity and the Instance Metadata Service (IMDS).

    December 21, 2021
    HashiConf EU 2021: The Zero Trust Mindset

    Learn about how service mesh, identity-based access management, and secrets management can help implement zero trust without increasing development friction.

    August 30, 2021
    HashiTalks Global 2020: Securing RabbitMQ with Vault

    Learn how to configure a HashiCorp Vault server to help secure access to a RabbitMQ message queue in this talk for HashiTalks conference 2020. As more software architects move their application designs towards microservice architecture and asynchronous event-driven workflows, the use of message queue systems is ever increasing. RabbitMQ is a popular choice of message queue system which is widely used globally. Configuring applications to access such a message queue system without compromising its access credentials in the source code is a challenge that can be solved using HashiCorp Vault as a secrets management platform.

    February 22, 2020
    Kafka Summit EU 2021: Encrypting Kafka messages at rest to secure applications

    Whilst Kafka has the ability to encrypt data in transit, it does not have the functionality out of the box to encrypt data at rest. This places the responsibility of encryption of data placed on message queues on developers. Implementing cryptography correctly in our applications is challenging and time consuming. In this demo-driven talk, I will show you how you can use HashiCorp Vault’s API to implement a simple workflow that offsets the complexity of cryptography to Vault.

    February 22, 2020
    Architecting Vault - Part 4

    In this blog edition, we’ll look at what Vault’s seal status means, different ways to unseal Vault servers and when we can expect to find Vault in a sealed state. Sealing is Vault’s protective mechanism that prevents your secrets from being accessible if the Vault server is ever compromised in any way. When you first deploy a Vault server, it is in a sealed state, which means there aren’t many actions you can perform on the server.

    August 6, 2019
    Architecting Vault - Part 3

    So far in this blog series, we have covered hosting options for Vault deployments and also explored the different options available for Storage backends and some of the considerations needed when making your design decision. This post will look at the auth methods that are available for you to enable in your Vault deployment and how to make the right decision as to which option to choose for your use case.

    July 29, 2019
    Architecting Vault - Part 2

    In the previous blog post, I discussed hosting options for HashiCorp Vault and things to consider when making decisions about the platform to deploy your production Vault cluster onto. This post will focus on the next architectural decision that you need to make when designing your Vault cluster: which backend do I want to use for my Vault cluster? Firstly, let’s define what a backend is in the context of Vault and what capabilities a backend can enable for our cluster.

    July 21, 2019
    Architecting Vault - Part 1

    In the modern world, applications and the infrastructure they run on are moving to a multi-cloud, multi-platform and multi-service approach. This means that applications are being separated into service components that make up an application stack and run on a number of different platforms to deliver the business value. For example, some services may run in a container which is orchestrated by Kubernetes or Nomad, some may run on virtual machines, and others run as serverless functions using services like Lambda or FunctionApp.

    July 14, 2019
    What is the future of DevOps

    The way business is conducted, marketing campaigns are executed, and sales are concluded has changed. Whereas the focus used to be on the product and the marketing around it, we are now in a world of experience and convenience. Consumers are now paying for experience and convenience above most things. This evolution can be seen with examples like Airbnb, the world’s largest hotel chain that doesn’t own a single hotel.

    June 10, 2019
    Contact me:
    • iam@devopsrob.com
