2026-02-16 16:00
🚀 Vault Radar 2025 has launched new integrations to enhance secrets management in DevSecOps. Key updates include real-time detection in code repositories, collaboration tools, and cloud platforms. With features like Jira and Slack scanning, teams can identify risks early and streamline remediation. The new VS Code extension empowers developers to fix vulnerabilities before they leave the editor, promoting a stronger security culture. For more information, check out the latest updates!...
Source: HashiCorp Blog
David Mills
2026-02-13 17:00
📊 HCP Vault introduces a new feature: certificates and secrets inventory reporting, now in beta! This tool enhances visibility for security teams regarding secrets and certificates, helping answer crucial questions about their management. It provides full inventory visibility, lifecycle insights, and advanced filtering, allowing teams to make informed decisions and streamline audits. Centralizing secrets management is vital for compliance, especially in regulated industries. Learn how these...
Source: HashiCorp Blog
Claudia Cornali-Motta
2026-02-12 17:00
🔒 Modern enterprises face challenges with static credentials and perimeter-based security in cloud-native environments. HashiCorp Vault, paired with workload identity federation (WIF), addresses these issues by enforcing zero trust principles. ⚠️ Static secrets expose organizations to risks like credential leaks and overprivileged roles. Recent incidents highlight the dangers of "secret zero," the initial credential needed to access Vault. 🔑 WIF with Vault removes the need for static secrets,...
Source: HashiCorp Blog
Nesh Chandarana
2026-02-10 17:00
🌍 The World Bank has transformed its hybrid cloud management by adopting a platform engineering strategy. By using HCP Terraform, they reduced infrastructure provisioning from 5 days to just 30 minutes. This shift supports 1,700 applications across Azure, AWS, and GCP. They tackled five main challenges: manual processes, configuration drift, compliance issues, bespoke applications, and cognitive load. Key pillars of their strategy include enhancing developer experience, security by design,...
Source: HashiCorp Blog
Mitch Pronschinske
2026-02-09 17:00
Duke Energy's transition to the cloud highlighted key lessons in scaling security without sacrificing speed. 🌩️ Facing new security challenges, they standardized on tools like Terraform Enterprise and Sentinel for better governance. This shift helped manage security risks while maintaining rapid development. Discover the six lessons learned from their cloud journey and how they built a secure developer platform. 🔐 #CloudSecurity #DigitalTransformation #DukeEnergy #Terraform #DevOps
Source: HashiCorp Blog
Michael Wood
2026-02-05 18:30
🚀 Managing multi-IP hosts in Boundary just got easier! This article explains how to configure preferred endpoints to ensure successful connections in dynamic cloud environments. Boundary’s dynamic host catalog automatically syncs with your infrastructure, reducing manual entry. Handling multiple IPs can be challenging. The Preferred Endpoint feature allows you to prioritize IP addresses, ensuring connections are made reliably. Configuration can be done via CIDR blocks or DNS values, using the...
Source: HashiCorp Blog
Rachana Badekar
2026-02-04 17:00
The banking and finance sector is investing heavily in technology, spending around $600B annually. With mobile banking making up 55% of transactions, effective secrets management has become crucial. 🔑 Learn key lessons from recent cases: poor secrets management can lead to significant risks. Common issues include hard-coded credentials, long-living secrets, and broad access privileges. These can expose organizations to breaches. Addressing these vulnerabilities is essential to protect...
Source: HashiCorp Blog
Gene Likins
2026-02-03 17:00
🔒 PCI DSS 4.0.1 compliance is crucial for protecting payment data, especially in cloud-native environments. HashiCorp Vault and HCP Vault Radar are key tools that help organizations meet these requirements by securing sensitive secrets and continuously monitoring for potential leaks. Vault handles secure storage and access control, while Vault Radar detects when secrets escape their intended environments. Together, they provide essential safeguards for maintaining compliance. #PCIDSS...
Source: HashiCorp Blog
Chandni Patel
2026-02-02 17:00
🚀 Exciting news from HashiCorp: the launch of **HashiCorp Agent Skills**! This open library helps teams enhance their infrastructure management with AI. The initial Skills focus on **Terraform** and **Packer**, enabling AI assistants to understand product specifics, best practices, and plugin frameworks. Key functionalities include generating Terraform code, writing tests, and building images on AWS and Azure. These Skills streamline complex tasks and improve workflow efficiency. 🔧 For more...
Source: HashiCorp Blog
Roshan Chandna
2026-01-30 18:00
🌐 As organizations grow globally, managing secrets efficiently is crucial. HCP Vault Dedicated offers a fully managed solution for performance replication, enabling fast, local access for encryption and authentication. 📊 This service eliminates the need for teams to handle complex, multi-region Vault clusters, simplifying operations and enhancing scalability. 🔑 Key features include region-local read access, asynchronous state replication, and transparent write routing—ensuring high...
Source: HashiCorp Blog
Rich DuBose
2026-01-28 17:00
🔍 Exposed secrets contribute to nearly 30% of data breaches, costing organizations an average of $4.45 million. Secret sprawl is a growing security risk that needs attention. 💻 The article highlights five common sources where secrets can leak, including collaboration tools and code repositories. Attackers often exploit these areas, leading to unauthorized access and potential breaches. 🔑 Understanding where secrets hide and how to detect them is crucial for improving security measures. By...
Source: HashiCorp Blog
Chandni Patel
2026-01-26 17:00
On October 20, 2025, AWS us-east-1 faced significant disruptions. However, HCP Vault Dedicated showcased its resilience, maintaining 100% uptime for customer clusters during this event. 🌐🔒 While the control plane experienced some issues, the data plane continued to operate seamlessly. This incident validated our architectural design principles and highlighted the effectiveness of our operational procedures. We aim to share insights on building resilient cloud-native services. 💡📊...
Source: HashiCorp Blog
Harini Murugan
2026-01-23 17:00
🚀 Exciting updates are here for the Terraform MCP server! Version 0.4 introduces new features aimed at enhancing DevOps efficiency. Key updates include support for Terraform Stacks and streamlined policy management tools. 🔒 For users facing strict data sovereignty or limited internet access, our MCP server enables AI automation in air-gapped environments, ensuring compliance and security. Discover how these improvements can optimize your workflow while keeping your infrastructure secure....
Source: HashiCorp Blog
Frederic Lavigne
2026-01-21 19:00
Managing secrets in enterprise systems can be complex and costly. 🚀 This article discusses the challenges of maintaining disaster recovery for secrets management and introduces HCP Vault Dedicated as a potential solution. It offers high availability, automated disaster recovery, and backup options, easing operational burdens for cybersecurity teams. 🔐 For those interested in optimizing their security operations, a comprehensive guide is available to assess your disaster recovery architecture....
Source: HashiCorp Blog
Glenn Chia Jin Wee
2026-01-16 17:00
🚀 Exciting updates are here for the Terraform MCP server! Version 0.4 introduces new features aimed at enhancing DevOps efficiency. Key updates include support for Terraform Stacks and streamlined policy management tools. 🔒 For users facing strict data sovereignty or limited internet access, our MCP server enables AI automation in air-gapped environments, ensuring compliance and security. Discover how these improvements can optimize your workflow while keeping your infrastructure secure....
Source: HashiCorp Blog
Gautam Baghel
2026-01-13 18:00
GEICO has made significant changes to its IT infrastructure to reduce cloud spending and enhance security. Initially, the company operated entirely on-premises but transitioned to a public cloud model by 2020. However, by 2022, they faced challenges with high costs and decreased developer productivity. To address these issues, GEICO is standardizing its infrastructure and shifting security focus from network-centric to identity-based approaches. This transition aims to simplify operations and...
Source: HashiCorp Blog
Mitch Pronschinske
2026-01-12 23:00
Ready to streamline your cybersecurity tools? 🛡️ In a recent article, experts discuss the importance of consolidating cybersecurity tools to reduce risks and improve efficiency. Overlapping functionalities can lead to alert fatigue and slower responses. The article outlines three key steps for effective consolidation: 1️⃣ Foster collaboration among cybersecurity, compliance, and platform teams. 2️⃣ Assess existing tools by gathering an inventory from all relevant teams to identify...
Source: HashiCorp Blog
Mitch Pronschinske
2026-01-12 23:00
Cybersecurity tool sprawl is a growing concern for organizations, leading to complexity and increased costs. 📉 Many businesses now use 45 to 83 separate tools, which complicates workflows and can heighten security risks due to poor integration. A significant number of leaders recognize the need for consolidation to improve efficiency and security.🔒 Key findings include: - 50% of CISOs seek to reduce tools. - 65% report having too many tools, with half unable to integrate them. - 75% aim to...
Source: HashiCorp Blog
Mitch Pronschinske
2026-01-12 17:00
Understanding hybrid cloud is crucial for businesses aiming to leverage data and AI effectively. 🌐 A hybrid cloud combines public, private, and on-premises infrastructure, allowing seamless access to advanced technologies while maintaining security. However, 52% of companies face challenges in managing this complexity, often due to siloed systems and communication gaps. 🔒 A unified lifecycle management approach can bridge these gaps, enhancing innovation and aligning with future data goals....
Source: HashiCorp Blog
Jenny Evans
2026-01-07 17:00
The future of secrets and identity management is shifting towards automation and integration across platforms. Non-human identities (NHIs)—like service accounts and API keys—now outnumber human users, creating management challenges. Static secrets pose security risks, as seen in the 2023 CircleCI breach, where compromised tokens led to unauthorized access. Emerging solutions focus on workload identity, offering dynamic and short-lived credentials instead of static secrets. This approach...
Source: HashiCorp Blog
David Mills
2026-01-06 15:00
🚀 Air France-KLM has transformed its automation platform to enhance security and compliance while scaling operations. Using Terraform, Vault, and Ansible, they shifted from a compliance-by-construction model to compliance-by-guardrails, allowing for better governance. Key improvements include reducing provisioning time from hours to minutes and minimizing errors through automation. This change supports their complex infrastructure across multiple cloud providers. 🌐 Learn more about Air...
Source: HashiCorp Blog
Mitch Pronschinske
2025-12-29 17:00
In 2026, hybrid cloud strategies will shift significantly as businesses embrace AI-driven automation. This will help streamline provisioning and enhance security in complex environments. 🤖☁️ Transformative companies will prioritize Infrastructure as Code (IaC) for better automation, while dynamic secrets will replace static ones to minimize security risks. 🔐 Moreover, continuous cost management will become essential to avoid unpredictable bills in the evolving cloud landscape. 📊...
Source: HashiCorp Blog
Jenny Evans
2025-12-22 17:00
🚀 HashiCorp's SE team launched "Demos done right" (DDR), a self-service demo infrastructure platform powered by Terraform. This initiative addresses demo sprawl, reducing spin-up time from 8-10 hours to under 10 minutes. Key outcomes include: - $12M+ in influenced ACV - Over 70% adoption rate - 800+ hours saved monthly DDR enhances efficiency and user experience for solutions engineers. #HashiCorp #Terraform #DevOps #Innovation #Efficiency
Source: HashiCorp Blog
Bharath Ramanathan
2025-12-18 20:00
🚀 Exciting updates from HashiCorp! Terraform has introduced enhanced features for HCP Terraform and Terraform Enterprise, focusing on scaling infrastructure efficiently. Key updates include: - **Stack component configurations** in the private registry for better resource management. - **Terraform migrate tool** for seamless workspace to Stacks migration. - **Flexible module publishing** with native monorepo support. These improvements aim to streamline workflows and enhance collaboration for...
Source: HashiCorp Blog
Chris Griggs
2025-12-18 19:00
🚀 Terraform Stacks streamline resource management and provisioning at scale. They tackle challenges like managing dependencies and reducing run time by allowing users to organize Terraform modules into manageable pieces. Key benefits include simplified management and improved productivity, enabling rapid creation of consistent infrastructure setups. Common use cases involve deploying applications as single units and managing Kubernetes workloads efficiently. #Terraform #InfrastructureAsCode...
Source: HashiCorp Blog
Vanshika Munjal
2025-12-17 21:00
🚀 Exciting updates for HCP Terraform users! By March 2026, those on the legacy Free plan must migrate to the enhanced Free tier, launched in 2023. This transition provides access to premium features for up to 500 managed resources and unlimited users, promoting collaboration. The enhanced Free tier focuses on security, offering features like SSO and policy as code to streamline onboarding for teams. If you're on the legacy plan, look for the in-product prompt to migrate today! #HCPTerraform...
Source: HashiCorp Blog
Kyle Ruddy
2025-12-16 15:00
🔒 The Vault Secrets Operator (VSO) enhances secrets management in Kubernetes by syncing HashiCorp Vault secrets directly into Kubernetes Secret objects. However, the default method stores these secrets unencrypted in etcd, raising security concerns. With Vault Enterprise's protected secrets model, secrets are delivered into pods without being stored in etcd. This method uses a CSI driver to mount secrets dynamically at runtime, ensuring they are only available within the pod and removed when...
Source: HashiCorp Blog
Isabela Palanca Aureus
2025-12-04 18:30
🚀 Exciting news from re:Invent 2025! HashiCorp is now a launch partner for Kiro, AWS's new AI-powered IDE. Kiro introduces "powers," specialized tools that enhance development workflows. The Terraform power offers seamless infrastructure management by activating when relevant terms are mentioned. 🌐 This approach reduces context switching and optimizes token usage, providing a smoother developer experience. To get started, simply install the Terraform power from the Kiro IDE. Learn more at...
Source: HashiCorp Blog
Welly Siauw
2025-12-03 17:00
🚀 The rise of agentic AI systems is changing how enterprises manage software. Unlike traditional AI, these systems operate autonomously and present new security challenges. 🔒 Non-human identities (NHIs) are now a significant concern, outnumbering human identities 50:1. With 97% having excessive privileges, NHI exploitation is a top cybersecurity threat. 💡 Effective security strategies must include dynamic secrets, auditing, and proper attribution mechanisms to protect against vulnerabilities....
Source: HashiCorp Blog
Nic Jackson
2025-12-02 17:00
🌐 At re:Invent 2025, HashiCorp and AWS announced advancements aimed at simplifying cloud operations. Key updates include pre-written Sentinel policies for PCI-DSS, enhancing compliance and security for organizations using Terraform. This helps automate enforcement of essential controls and eases audit processes. Additionally, HCP Vault Radar now features AWS Secrets Manager correlation and S3 scanning. This improves protection against secret sprawl and enhances visibility into sensitive...
Source: HashiCorp Blog
Mike Doheny
2025-12-02 16:30
🌐 In the evolving landscape of hybrid and multi-cloud environments, managing infrastructure is becoming increasingly complex. 🔍 An article discusses how Terraform actions can standardize Day 2 workflows, ensuring effective long-term infrastructure management. It highlights that most risks occur post-deployment, making ongoing maintenance crucial. ⚙️ Day 0 involves provisioning, Day 1 focuses on configuration, and Day 2+ is about management and optimization. Common challenges include...
Source: HashiCorp Blog
Steven Weaver
2025-12-02 05:00
🚀 Exciting news for AWS users! The integration of HCP Vault Dedicated with AWS PrivateLink simplifies secure access to secrets and encryption keys. This fully managed service reduces operational overhead and eliminates public endpoints, enhancing security. 🔒 Organizations can now connect securely without the hassles of complex networking setups. With Terraform, provisioning becomes seamless, ensuring efficient workflows from day one. 🌐 #AWS #HCPVault #CloudSecurity #Terraform #DevOps
Source: HashiCorp Blog
Rich DuBose
2025-12-01 17:00
HashiCorp, an IBM Company, has been named an Overall Leader in the 2025 KuppingerCole Leadership Compass for Non-Human Identity Management. This recognition highlights its strong performance across all categories: Overall, Product, Innovation, and Market Leader. 🌐🏆 As non-human identities (NHIs) now outnumber human identities, effective management of these identities is crucial for cloud security. With the rise of automation and AI, organizations face challenges in controlling credentials and...
Source: HashiCorp Blog
Jackson Connell
2025-12-01 14:00
🌐 Struggling with cloud management? You're not alone. A recent report reveals that 97% of organizations face challenges with their cloud infrastructure, including wasted resources and configuration drift. 🚀 Introducing Terraform Search, now available in Terraform 1.14. This tool helps discover and import unmanaged resources into a unified workflow, addressing issues like governance and cloud waste. 🔍 Learn about the benefits of auditing and managing your cloud estate effectively. #Terraform...
Source: HashiCorp Blog
Andre Faria
2025-11-24 17:00
🚀 The Terraform AWS provider has hit 5 billion downloads, reflecting significant growth in cloud infrastructure management. This milestone illustrates the evolution from manual resource management to automated, policy-driven solutions. As cloud environments become more complex, the demand for unified management tools like Terraform has surged. 🤝 AWS remains central in this transformation, helping teams simplify their cloud journeys. Regular updates ensure the provider supports a wide range of...
Source: HashiCorp Blog
Marc Cosentino
2025-11-20 17:00
🌐 Securing your infrastructure is essential in today's evolving AI and hybrid-cloud landscape. Terraform offers solutions to address common challenges such as manual workflows, lack of security controls, and inconsistent policy enforcement. By leveraging Infrastructure as Code (IaC), teams can create a more efficient and secure provisioning process. Key practices include bridging skills gaps and simplifying workflows using HashiCorp Configuration Language (HCL), allowing for a more...
Source: HashiCorp Blog
Dan Barr
2025-11-19 17:00
🌐 Cloud computing spending is set to rise significantly, but a large portion is wasted. A recent survey indicates that 78% of companies waste 21%-50% of their cloud budgets annually. 💸 To tackle this, three steps are recommended, including rethinking app architecture from CapEx to OpEx. A real-world example shows how one insurer reduced costs from $100 million annually to just $800 per day by modernizing their analytics system for the cloud. Understanding cloud waste and optimizing resource...
Source: HashiCorp Blog
Michael Wood
2025-11-17 17:00
🚀 Developer attrition is a growing concern for organizations. Many engineers leave not because of coding fatigue, but due to challenging work environments. Key issues include unreliable tools, inefficient processes, and excessive technical debt. For instance, 67% of software teams struggle with build and testing delays, costing valuable time. 🕒 Additionally, 59% of developers cite technical debt as a major productivity drain. Addressing these challenges is crucial to retaining talent and...
Source: HashiCorp Blog
Lauren Dyer
2025-11-13 18:00
🔒 As AI systems grow more autonomous, securing their identity is crucial. The SPIFFE framework addresses this need by providing a reliable identity system for non-human workloads. ✨ SPIFFE enables unique identities for each service, supports dynamic credentialing, and ensures trust across different environments. This is essential for agentic AI systems that operate independently. 🔗 By using SPIFFE, AI agents can securely authenticate and communicate, enhancing safety in multi-agent...
Source: HashiCorp Blog
David Mills
2025-11-12 19:00
Building resilient infrastructure is crucial for businesses in regulated industries. IG Group's Platform Security Team Lead, Andrew Blooman, shared insights at HashiDays 2025 on addressing this challenge. Key lessons include: 1. **Regulatory compliance is essential**. DORA mandates secure coding practices and strict separation of environments, driving modernization in security architecture. 2. **Secret sprawl poses risks**. Leaked secrets can lead to multimillion-dollar breaches. IG Group...
Source: HashiCorp Blog
Mitch Pronschinske