HashiCorp Solutions to Support DOD Zero Trust Implementation

HashiCorp is supporting zero trust deployment efforts within the Department of Defense and its components with its two products: the Vault identity broker and credential access and management tool and the Consul service networking platform.

With the National Institute of Standards and Technology’s Zero Trust Model focusing on securing person entity to non-person entity access, the Vault provides organizations greater control over sensitive data, such as passwords and certificates, safeguarding any kind of data. When integrated with Vault, the Consul manages Certificate Authority provider operations, with Vault acting as a systems provider that stores root certificates and private key materials.

The integration of both products ensures the separation of the intermediate CA and the service mesh CA, requiring each to have its own unique authentication and authorization requirements, Tim Silk, federal director of solutions engineering at HashiCorp and a 4×24 member, wrote in a blog post published on Intelligence Community News.

The Defense Department has been committed to rolling out a zero trust architecture across the organization. In October, the Pentagon started reviewing its component agencies action plans to implement zero trust.