The Garantir team is delighted to announce a new technology partnership with HashiCorp, a market leader in multi-cloud infrastructure automation software. The partnership brings an integration of GaraSign, Garantir’s flagship product, with HashiCorp Vault, a tool to secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data. The integration enables customers to make use of cryptographic keys stored in Vault without ever exporting the keys to end users, thereby keeping the keys secure, while also maintaining the highest level of performance.
GaraSign is an enterprise platform for running secure and highly performant cryptographic operations. By restricting end-user clients to proxied access to private key material, GaraSign ensures that the private keys remain secured in HashiCorp Vault or hardware security modules at all times. Additionally, GaraSign provides end-users with faster access to private key material with a client-side hashing architecture.
HashiCorp Vault provides a unified interface to secrets stored across multiple clouds and data centers, while restricting access to those secrets and recording a detailed audit log of which users have requested access to them. GaraSign integrates with Vault as one of its cryptographic tokens (or “key containers,” as they’re called within the GaraSign lexicon) via Vault’s Transit Engine.
Garantir’s GaraSign and HashiCorp Vault complement each other remarkably well. GaraSign offers a multitude of native client integrations, including Apple, Microsoft, Java, GPG, OpenSSL, and much more, which enables all end-user signing clients throughout an enterprise environment to securely use private key material stored in HashiCorp Vault, without exporting that private key material.
At the same time, HashiCorp Vault centralizes and safeguards secrets and private keys from multiple clouds and data centers. This allows customers to manage all secrets and sensitive data in one centralized location, providing an extremely robust level of security and making it easy for end users to gain access to private keys they need (and only the keys they need).