Have you ever installed Hashicorp Vault and wondered to yourself:
“Am I actually protecting my organization?”
You’re not alone.
While it’s easy to install Vault, making sure that it is configured correctly for productivity and security can be a challenging task.
I’ve built my fair share of guides and webinars and worked with Vault a-lot recently. This has led me to create my own list of Vault’s best practices.
Auditing simply means to log every interaction with Vault, any API request/response, the audit log contains every interaction with Vault, including errors.
Note: If Vault won’t be able to audit an API…