Feb 21 · 13 min read · This post follows on from the previous post in the series: Taming Rogue Agents: Defeating ASI03 with Vault Dynamic Secrets. The Foundation: Mitigating ASI03 The previous post in this series demonstrat
Join discussionFeb 10 · 19 min read · This post follows on from the introduction post in combatting the OWASP 2026 Top 10 for Agentic AI with HashiCorp. Vault 101 HashiCorp Vault centralises the storage, access, and distribution of sensitive data, including API keys, database credentials...
Join discussion
Feb 7 · 5 min read · Terraform functions help you manipulate data, transform values, and make configurations dynamic. What is a Function in Terraform? A function in Terraform is a built-in method that: Takes input value(s) Performs some operation Returns a result Sy...
Join discussion
Feb 3 · 9 min read · New paradigms bring new threat landscapes. Gartner predicts that 25% of enterprise breaches will trace back to AI agent abuse by 2028. The OWASP 2026 Top 10 for Agentic AI Applications outlines these emerging attack vectors: IDThreatDescription ...
Join discussionJan 31 · 2 min read · If you’ve ever opened a terraform.tfstate file and seen a database password or API key in plaintext, you know that sinking feeling. Even with encrypted backends, the persistence of sensitive data is a significant security risk. Terraform 1.10 and 1.1...
Join discussion
Jan 31 · 5 min read · A hands-on comparison of the three leading secrets management solutions for containerized workloads on Amazon EKS Introduction Managing secrets in containerized environments is critical for cloud-native security. When running containers on AWS, you...
Join discussion
Jan 30 · 3 min read · The Plan vs. Reality After fixing our wildcard policy disaster, we thought we were done. We weren't. The real problem was our namespace architecture. We'd designed this beautiful parent-child hierarchy: engineering/ ├── team-alpha/ ├── team-beta/...
Join discussionJan 29 · 3 min read · Part 1 of the "Let's Hashify" Series The Day I Found a Security Hole in Our Vault Setup The "Oh Shit" Moment I was writing a Python script to inventory service accounts across our 50+ Vault namespaces when something caught my eye. Teams were creating...
Join discussionJan 14 · 9 min read · Summary for decision-makers Vault Enterprise bills by client identity, not by token count Entity-backed authentication (LDAP, OIDC, userpass, AppRole with aliases) produces stable, predictable billing Non-entity tokens (direct token creation, orphan...
Join discussionDec 31, 2025 · 3 min read · If you manage infrastructure with Terraform, you've likely faced: credential chaos, manual deployments, duplicated code, insecure secrets, and scattered modules. We tolerated these issues for years—until HashiCorp Cloud Platform (HCP) transformed eve...
Join discussion