HashiCorp Launches Open Source Identity Framework - Security Boulevard

HashiCorp Launches Open Source Identity Framework

HashiCorp, at its HashiConf Digital conference today, announced an open source Boundary project that will enable users to remotely access systems regardless of location based on their specific identity.

At the same time, HashiCorp announced the private beta of HashiCorp Vault secrets management platform on the HashiCorp Cloud Platform (HCP) and the public beta availability of HashiCorp Consul service mesh on the same platform. In both cases, HashiCorp Vault and HashiCorp Consul are managed by HashiCorp on behalf of customers.

DevOps Experience

Chris Kent, director of product marketing for HashiCorp, said Boundary applies many of the zero trust concepts now being applied to networking to systems that no longer require someone to create and manage credentials for each platform. Remote access is now based on logical services rather than physical IPs, which Kent noted also eliminates the need to have additional network-based remote access.

The Boundary platform makes it possible to authenticate users by assigning trusted identities.

Collectively, Kent said the HashiCorp portfolio will enable a zero trust model to be applied across four pillars of security using Vault for machine authentication and authorization, Consul for machine-to-machine access, Boundary for human-to-machine access and trusted identity providers for authentication and authorization for humans.

Those capabilities longer-term will play a critical role in advancing the adoption of best DevSecOps practices in a way that is platform-agnostic, he added.

In the wake of the COVID-19 pandemic, a shift toward identity-based approaches to security has begun to accelerate. At the core of any zero-trust approach to cybersecurity is an assumption that an IT organization can control access to systems and applications based on unique identifiers. With more end users working from home to help combat the spread of the pandemic, organizations can no longer rely on network perimeters to secure access to systems and applications. It’s not clear whether or how much organizations will be able to transition to identity-based security frameworks, but at this point, it’s more a matter of when rather than if for most organizations. By releasing Boundary, HashiCorp is making a case for an open source approach that should accelerate that shift by reducing the cost of making that transition.

In the meantime, organizations are attempting to meld DevOps and cybersecurity workflows as part of an effort to shift responsibility for application security further left toward developers. Platforms based on software such as Boundary should eventually make it possible to incorporate identity-based frameworks into those workflows.

Of course, HashiCorp is not the only IT vendor focusing on identity. In some regards, the shift toward identity-based security is long overdue. It remains to be seen how much momentum an open source approach to identity management can garner. At the very least, however, there are a lot more IT professionals having a meaningful conversation about identity-based approaches to security than any other time in IT history.

Featured eBook
The Dangers of Open Source Software and Best Practices for Securing Code

The Dangers of Open Source Software and Best Practices for Securing Code

More and more organizations are incorporating open source software into their development pipelines. After all, embracing open source products such as operating systems, code libraries, software and applications can reduce costs, introduce additional flexibility and help to accelerate delivery. Yet, open source software can introduce additional concerns into the development process—namely, security. Unlike commercial, or ... Read More
Security Boulevard

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 334 posts and counting.See all posts by mike-vizard

Techstrong Group