Vault provides Encryption as a Service (EaaS) to enable security teams to fortify data during transit and at rest. So even if an intrusion occurs, your data is encrypted and the attacker would never get a hold of the raw data.

Data Encryption

Getting Started

Getting Started with HCP Vault

Getting Started with Vault UI

Get Started

Advanced Data Protection

Database Credential Rotation

Key Management

Secrets Management

Use Cases

Prepare for Vault Associate Exam

Prepare for Vault Operations Pro Exam

Certification Prep

Deploy Cluster with Consul

Deploy Cluster with Integrated Storage

Vault Enterprise

HCP Vault

HCP Vault Monitoring

Monitoring & Troubleshooting

Recommended Patterns

Standard Operating Procedures

Production

App Integration

Custom Secrets Engines

HashiCorp Product Integrations

Kubernetes

Vault Agent

Integrations

Auth Methods

Auto Unseal

Operations Fundamentals

Integrated Storage

Policies

Vault Tokens

Operations

Vault's transit secrets engine handles cryptographic functions on data in-transit. It can also be understood as encryption as a service.

Encryption as a Service: Transit Secrets Engine

Demonstrate one possible way to re-wrap data after rotating an encryption key in the transit engine in Vault.

Transit Secrets Re-wrapping

Understand Vault's AppRole authentication pattern and how to use it to
securely introduce a Vault authentication token to a target server,
application, container, etc. in a Java environment.

Java Application Demo

Infrastructure

Security

Applications

Networking

cloud