Armon Dadgar – Zero Trust Security
Discover how to harden your internal security with HashiCorp Vault by rotating credentials, implementing identity-based authorization, and transforming your security model to an identity-centric approach.
- Consider hardening the inside of the four walls as well as the applications.
- Use HashiCorp Vault to rotate credentials, manage their full life cycle, and prevent reuse.
- Introduce identity-based approach, authenticate applications against Vault, and use context to authorize access.
- Define a single layer that connects all microservices using mutual TLS with certificates.
- Rotate credentials independently, generating them on demand using an API, and using Vault’s key hierarchy.
- Use Terraform to manage infrastructure, and utilize Vault as a centralized secret management system.
- Focus on defining who the users are, what groups they belong to, and what authorization is needed.
- Implement a dynamic credential system, allowing for rotation, and using Vault to create and manage secrets.
- Redesign security models around identity, rather than traditional perimeter-based security.
- Use APIs and infrastructure-as-code to automate networking and security, rather than manual configuration.
- Manage access to services based on identity and context, rather than relying on IP addresses.
- Rotate master keys, shard them into key shares, and encrypt them with a key encryption key.
- Design infrastructure to support multi-cloud environments, and use Vault to provide a unified secret management system.