In my opinion, HashiCorp Vault could improve its user interface. Right now, they don't offer much in terms of a graphical interface, which means you usually have to manage things manually through API calls. I think CyberArk has a better approach because it provides a UI that integrates features across all its components, making it easier, especially for new users or those from organizations with strict licensing policies.
Project Manager at a comms service provider with 201-500 employees
Real User
2022-03-30T11:55:40Z
Mar 30, 2022
Its cost can be improved. It is really pricey, but to be fair, it did everything that we wanted it to do. Because of our requirements for high availability, redundancy, and resiliency, we needed a lot of clusters and a lot of nodes. We needed a massive architecture and the price of it was so inhibitive. It was going to cost us over a quarter of a million a year. In terms of features, the only thing that I found a little bit hinky was that there was no revocation or deletion on the model we were using. Once in a financial year, a client interacts, and you pay for that client for the year. So, there are just little things like that in the pricing. There should be more clarity around the end of the key. I know there is no system like this. They all are the same. I tested Microsoft, Google, and some others, and none of them really want you to delete a key, which makes sense. You delete a key, and you lose everything that it has wrapped or encrypted, but it's actually just a language. Deletion isn't really deletion. It's really revocation, but overall, HashiCorp Vault ticked all the boxes for us, and I couldn't fault it.
I don't think there are any major improvements required—so far, so good. However, I think that having more training materials, such as videos, and documentation available would be helpful. I would prefer to have more videos available either on the official site or on YouTube.
We found that Microsoft Azure Vault is better due to the fact that it has integration with all of the Azure services. It would be better if it integrated more broadly with cloud API such as Amazon Web services, et cetera. The error handling could be a bit better. The technical support was hard to get a hold of and lacking in service. The initial setup could be simplified.
Founder & Principal Architect at NCompas Business Solutions Inc.
Real User
2021-03-16T23:00:21Z
Mar 16, 2021
We could use more documentation, primarily to do with integrations. Anybody who uses HashiCorp integrates with a public cloud, like Azure or AWS. Azure and AWS have their own secret management; how does this collaboration work between the key vault of HashiCorp to the key vault of Azure? Some of this documentation is not up to mark.
The documentation is very general; it should have more examples and more use cases. Basically, they just tell you the syntax without a better explanation of how to do things. We learned all of the Vault Commands (CLI) and they work fine, except when we are running on an EKS cluster then the syntax changes. Most of the commands are not working.
TechOps Engineer - Middleware & Containers specialist at EBRC -European Business Reliance Centre
Real User
2019-05-23T17:02:00Z
May 23, 2019
A Service Mesh workflow connected within Vault workflow would be difficult to integrate, depending on the SI complexity and security compliance. A drawback for some clients who have to be PCI compliant is that they still need to use and subscribe to an HSM (Hardware Security Module) solution. Compliance: www.pcicomplianceguide.org
HashiCorp Vault is a cloud-agnostic solution used for security and secret management. Its valuable features include integration with other HashiCorp tools, token sharing, open source nature, cloud agnosticism, and on-the-fly encryption management.
The solution provides encryption of data at rest, in use, in transit, on the fly, and linked with applications. It is free to use, and the interface is simple to navigate. HashiCorp Vault has helped organizations with its multiple...
In my opinion, HashiCorp Vault could improve its user interface. Right now, they don't offer much in terms of a graphical interface, which means you usually have to manage things manually through API calls. I think CyberArk has a better approach because it provides a UI that integrates features across all its components, making it easier, especially for new users or those from organizations with strict licensing policies.
The onboarding is a challenge. It should be more self-service, but it involves reviews and approvals.
There could be a plugin for the database to change the secret automatically. It would be an efficient feature for password security.
The product is complicated to install. It could be easier. Additionally, its pricing model needs improvement.
There is room for improvement in stability.
They should include automation features for the solution's implementation process. It will make the deployment simple.
Its cost can be improved. It is really pricey, but to be fair, it did everything that we wanted it to do. Because of our requirements for high availability, redundancy, and resiliency, we needed a lot of clusters and a lot of nodes. We needed a massive architecture and the price of it was so inhibitive. It was going to cost us over a quarter of a million a year. In terms of features, the only thing that I found a little bit hinky was that there was no revocation or deletion on the model we were using. Once in a financial year, a client interacts, and you pay for that client for the year. So, there are just little things like that in the pricing. There should be more clarity around the end of the key. I know there is no system like this. They all are the same. I tested Microsoft, Google, and some others, and none of them really want you to delete a key, which makes sense. You delete a key, and you lose everything that it has wrapped or encrypted, but it's actually just a language. Deletion isn't really deletion. It's really revocation, but overall, HashiCorp Vault ticked all the boxes for us, and I couldn't fault it.
I don't think there are any major improvements required—so far, so good. However, I think that having more training materials, such as videos, and documentation available would be helpful. I would prefer to have more videos available either on the official site or on YouTube.
We found that Microsoft Azure Vault is better due to the fact that it has integration with all of the Azure services. It would be better if it integrated more broadly with cloud API such as Amazon Web services, et cetera. The error handling could be a bit better. The technical support was hard to get a hold of and lacking in service. The initial setup could be simplified.
We could use more documentation, primarily to do with integrations. Anybody who uses HashiCorp integrates with a public cloud, like Azure or AWS. Azure and AWS have their own secret management; how does this collaboration work between the key vault of HashiCorp to the key vault of Azure? Some of this documentation is not up to mark.
The documentation is very general; it should have more examples and more use cases. Basically, they just tell you the syntax without a better explanation of how to do things. We learned all of the Vault Commands (CLI) and they work fine, except when we are running on an EKS cluster then the syntax changes. Most of the commands are not working.
A Service Mesh workflow connected within Vault workflow would be difficult to integrate, depending on the SI complexity and security compliance. A drawback for some clients who have to be PCI compliant is that they still need to use and subscribe to an HSM (Hardware Security Module) solution. Compliance: www.pcicomplianceguide.org