IBM Cloud Secrets Manager
Manage the lifecycle of secrets
Our Price: Request a Quote
Click here to jump to more pricing!
Please Note: All Prices are Inclusive of GST
Overview:
Centrally manage your secrets in a single-tenant, dedicated instance
With IBM Cloud® Secrets Manager, you can create secrets dynamically and lease them to applications while you control access from a single location. Powered by HashiCorp Vault, Secrets Manager helps you get the data isolation of a dedicated environment with the benefits of a public cloud.
Features:
Dashboard
- Manage API keys, credentials, certificates, and more within one rich UI
- Auto rotation and access control
Secrets groups
Manage access policies at enterprise scale
Notifications
Configure with Event Notifications Service to receive secrets life-cycle events
Locks
Create locks on secrets to prevent them from being deleted or modified while in use
Certificates Management
- Use the imported certificate type to create private keys and CSRs, and manage all your secrets in one secure, dedicated space
- SSL, TLS, PKI, public and private
- Supported by Let’s Encrypt certificate authority
Custom credentials
A customizable set of parameters that define how a secret interacts with a credentials` provider—powered by a Code Engine job implementation
Use Cases
Maintaining security posture without losing velocity
The shift to cloud-native models aims to boost development speed for application teams. They expect this acceleration without compromising security and rely on their cloud provider to offer solutions that support both.
Maintaining required secret data isolation while building cloud native
- Global Bank: The CISO mandates that application and user secrets must be stored separately from other enterprise secrets.
- Healthcare Group: Applications accessing sensitive patient data must ensure the cloud provider cannot access this data with hosted secrets.
- Automotive Manufacturer: After moving workloads to the cloud, the company requires the same data isolation as their previous on-premise Vault instance.
Managing multiple IBM Cloud secret types at enterprise scale
A healthcare group needs to securely manage various secrets in a single-tenant environment. They currently use multiple tools, some of which are multi-tenant, for handling API keys, user credentials, text, and certificates.
Securely enabling automated communication between microservices
A large bank's cloud security team needs to help development teams securely build automated integrations between consumer lending applications and other micro-services with sensitive information.
Benefits:
Powered by HashiCorp Vault
- Get secure secret storage, data encryption, and PKI
- Configured with unique Secret Engines and an IAM Auth Engine
- Built for high availability with seamless failover across three regional data centers
Secure by default
Built-in, essential security across all IBM Cloud platform and infrastructure services.
Compliance
- ISO 27k, SOC, PCI-DSS, GDPR, ISMAP (Japan), C5 (Germany), ENS High (Spain)
- IBM Cloud Framework for Financial Services
Centralize dynamic and static secrets
- Manage multiple types of secrets from a single service
- Create and lease your secrets on demand to control their lifespan
Single Tenancy
Single-tenant data isolation via Vault
Logging and monitoring
Monitor access and produce audit reports
Protect secrets at rest
Enhance the security of stored secrets with IBM® Key Protect
Public Key Infrastructure backed by Hardware Security Module
Create and manage trusted certificates securely using built-in protection
Specifications:
Pricing Notes:
- All Prices are Inclusive of GST
- Pricing and product availability subject to change without notice.
Our Price: Request a Quote