| > I thought it was because there are at least a dozen ways to securely encrypt/decrypt data, most of which are audited. Any yet people still implement on top of and leverage those lower-level libraries poorly. >Skimming their site they seem to offer some sort of encryption + service hosting? I believe they have a hosted SaaS solution now, but Vault is FOSS: https://github.com/hashicorp/vault >I don't see how this is much different than any of the other options out there. Vault manages your application-level encryption so you don't have to. That's a lot different than most of the options out there. >And not really an equivalent to using RSA as it looks to be tied to their hosting. It's not tied to their hosting. Spin it up on some VMs or a kubernetes cluster. >I also tend to not trust for profit companies with things like this (esp. if it's closed source or I can't know what the servers actually run). It's open source and HashiCorp... That's like saying you don't trust Linux with things like this because of RedHat. >Has this service been audited? Yes. >Has it withstood against the US court system like veracrypt has multiple times? Yes. >Do their founders have any history that goes against good data security? How do you not know who HashiCorp is? >Your post sounds like an ad if I'm being honest. Nope, just a happy user. |