Back

Veza Partners with HashiCorp to Provide Next Generation Identity Security for Human and Non-Human Identities (NHIs)

Combination of Veza’s Access Platform and HashiCorp Vault delivers advanced identity security capabilities to remediate high-risk access, prevent credential exposure and expedite audit and compliance processes 

PALO ALTO, CA – September 5, 2024 – Veza, the identity security company, today announced a partnership with HashiCorp, The Infrastructure Cloud™ company, to deliver an integrated solution for solving modern identity security challenges. Together, the Veza Access Platform and HashiCorp Vault empower joint customers to strengthen their identity security posture by bringing least privilege to the management of secrets and keys.

With cloud and SaaS investments maturing rapidly, coupled with the advent of new technologies like Generative AI (GenAI), the complexity of enterprise environments has created a significant challenge for security and identity teams, as they work to secure a growing number of human and non-human identities. According to Gartner®, “The number of machines (workloads and devices) now outnumbers humans by an order of magnitude and organizations must establish tooling and processes to control those identities.”1

“The vast majority of identity security solutions share a fundamental flaw – they fail to provide visibility into what actions human and non-human identities (NHI) can take,” said Rich Dandliker, Chief Strategy Officer, Veza. “By bringing access visibility and access intelligence into HashiCorp Vault access permissions, the Veza Access Platform delivers a unified solution that allows customers to control access to enterprise resources for any identity.”

The integration between Veza and HashiCorp Vault provides joint customers with unprecedented visibility and lifecycle management for identity-based secrets and encryption keys. Veza adds deep visibility to which secrets have access to read or change sensitive data, showing excess permissions that open doors for attackers. Veza’s capabilities find and fix problematic access to secrets like tokens, passwords, certificates, and API keys. The benefits of the integration include:

  • Reduced risk of breaches: Minimize the impact of cyberattacks by reducing an organization’s attack surface for both human and non-human identities.
  • Streamlined compliance: Accelerate compliance with automated alerts and workflows that trigger actions such as access reviews. 
  • Streamlined licensing: Visualize consumption of Vault licensing to align with an organization’s requirements. 

“We are excited to have Veza as a technology partner,” said Asvin Ramesh, Sr. Director of Alliances at HashiCorp. “Our new HCP Vault integration with Veza offers Vault customers a streamlined, centralized solution to gain full visibility into enterprise access. This allows them to proactively address potential identity security risks before they escalate into critical incidents.”

Powering the Identity Security programs of organizations like Blackstone, Expedia, and Wynn Resorts, Veza’s Access Platform gives security and identity professionals an end-to-end understanding of who can take what action on what data, across all applications and systems. With this comprehensive visibility, Veza customers maintain least privilege by adjusting permissions continuously with automated monitoring. Because Veza understands permissions from all enterprise systems, organizations can ensure that access is secure across the entire IT landscape, including SaaS applications, data systems, custom applications, and cloud infrastructure.

Learn more:

Citations

  1. Gartner, Managing Machine Identities, Secrets, Keys & Certificates, Erik Wahlstrom, 12 September 2023.
    GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

About Veza

Veza is the identity security company, helping organizations secure access across the enterprise. Veza’s Access Platform goes beyond identity governance and administration (IGA) tools to visualize, monitor, and control entitlements so that organizations can stay compliant, achieve least privilege, and de-risk the breach. Global enterprises like Wynn Resorts, Expedia, and Blackstone trust Veza to manage identity security posture, with use cases in privileged access management (PAM), non-human identities (NHI), cloud entitlements (CIEM), data system entitlements, SaaS entitlements, and IGA. Founded in 2020, Veza is headquartered in Los Gatos, California, and is funded by Accel, Bain Capital, Ballistic Ventures, Google Ventures (GV), Norwest Venture Partners, and True Ventures. Visit us at veza.com and follow us on LinkedIn, Twitter, and YouTube.

Media Contact
Jared Blistein
jblistein@veza.com