Secrets Management For Every Engineering Team
Upgrade security throughout the stack with a unified secrets management platform that every engineer can use – from admin to intern.
Secrets Get In Your Way
Putting passwords and API keys in source code creates a security risk. But handling them properly creates complexity that makes it extremely cumbersome to deploy.
-
Secrets LeakGit, Slack, and email are designed to share information, not to keep secrets.
-
Manual Deploys Don't Scale
Copy-pasting values and waiting on that one admin who holds all the keys simply don't scale when you're deploying software multiple times a week.
-
No Traceability
It's impossible to track who accessed what secrets at what time, making compliance audits a nightmare.
-
38%
of organizations report having exposed hardcoded secrets in their source code
-
96%
of developers report that disconnected security & development workflows inhibit productivity
Deploy Software Without
Exposing Secrets
Eliminate secrets in source code by replacing plaintext values with a reference to the secret. SecretHub then automatically loads secrets into your app the moment it starts.
Replace plaintext secrets with reference tags
Use the CLI to encrypt and store secrets and then simply tell the code where to look for the secret. Your code is now free of secrets and can be shared with everyone on your team.
Load secrets into your app the moment it starts
Install the lightweight agent to automatically provision secrets to your app, wherever it runs. Secrets are only temporarily loaded where needed and are wiped when the app exits.
Control & monitor privileged access to secrets
Enforce security with access controls and audit logs. When people leave or an incident happens, update secrets in one place and push it out everywhere.
Open Source
We understand you don’t trust people blindly. We wouldn’t either. That’s why all client-side code is open source and available on GitHub. This not only means that you can inspect our code, but that others have done so too.
End-to-End Encryption
Of course you don’t feel like sharing your precious secrets with us. Luckily you don’t have to. Every secret is encrypted before a single byte ever leaves your device. Only you and your team control the encryption keys and who is able decrypt your secrets.
High Availability as a Service
You don't have to set up, monitor, and maintain a highly available cluster. Take advantage of the globally distributed service to get up and running on production in less than a day. Custom hosting and uptime SLAs are available.
Security That Benefits Everyone
Good secrets management doesn’t just make things more secure, it simplifies critical processes and makes the entire organization move faster.
Developer
Develop, test, and deploy software without secrets near your code.
DevOps
Effectively support developers to deploy their code by standardizing across teams & stacks.
Security
Ensure secrets are properly handled, monitor (ab)use, and take effective action when incidents occur.
Why Customers Love SecretHub
Case Study
How Turn.io Helped 20M+ People During COVID-19
Having a unified secrets management platform enabled Turn.io to scale their server infrastructure 20x across multiple clouds in response to COVID-19.
Case Study
How Smaily Scales Infrastructure To Send 100M+ Emails Per Month
Smaily uses SecretHub to manage a large server infrastructure with just a small DevOps team.
Every day I have clients that have cleartext passwords or need to manage various password vaults. The common denominator is that code becomes a security risk, and it becomes extremely cumbersome to deploy applications and share secrets. With SecretHub, I can now develop, test and deploy without a single secret anywhere near my code or tools. This is what the industry has needed for a long long time!
We've tried pretty much every solution out there for secrets management and SecretHub is The Thing filling the void in our pipeline. The experience was super nice, we had zero friction integrating SecretHub with our infrastructure.
As someone working in ops, I do not want to burden our developers with complex security. With SecretHub, the developers give me environment variables and I only have to add the SecretHub binary to my containers. It allows them to focus on their job and I know all the secrets are secure. SecretHub is a perfect example of KISS. It took me less than two days to get from zero to hero on our infrastructure. If I had to use HashiCorp Vault, I would still be here studying.
We were really looking for a solution that we could implement quickly and all the alternatives were way too complicated and created lots of friction. With SecretHub, there are no complex setups, self-managed clusters or complicated key management operations on GCP and AWS. From finding SecretHub, to signing up, to actually using it on production and deploying secrets into Kubernetes, was a day’s work.
Our systems handle large amounts of privacy data, so infrastructure security and compliance is crucial. SecretHub was instrumental in getting certified for ISO 27001 and NEN 7510, the chapters on key management practically wrote themselves.
Managing secrets for most CI tools is a pain in the ass. The only way to define secrets is to manually define them as environment variables in the GUI, which takes a lot of time. This is fine for 1 project, but we have over 180 projects so that’s not an option. SecretHub is a big time saver in that regard. It’s really easy to use and I got a pipeline with secrets up and running within half an hour!
