Hacker News
by snoshy 2086 days ago
The alternative would be to scatter your secrets across several different stores, each of which would have its own security boundaries. In quite a lot of backend systems, you're only as strong as your weakest link. Now you're in a situation where you have to audit the attack surface of several different systems, so I'm not sure how Vault would be particularly worse at this task.

I would wager a larger portion of security incidents are due to security products being harder to use correctly, and Vault is one of the cleaner and easier-to-use solutions in this regard, so I still think it's a step forward.