HashiCorp Vault
Secrets management, encryption as a service, PKI, identity plugins, and dynamic credentials for apps and platforms.
Why it is included
De facto self-hosted pattern for secret sprawl—policies, namespaces, and audit logs.
Best for
Platform teams centralizing credentials, certs, and encryption workflows.
Strengths
- Engines
- HA patterns
- K8s auth
- Audit devices
Limitations
- License change affects some production use—confirm with counsel
Good alternatives
OpenBao (fork) · Infisical · SOPS + KMS
Related tools
Password Managers
Bitwarden
E2EE password manager with self-hostable server options.
Security & Privacy
GnuPG
OpenPGP implementation for encryption, signing, and key management.
Security & Privacy
Wazuh
Open security platform combining SIEM, XDR, file integrity monitoring, and compliance checks across endpoints and cloud.
Security & Privacy
CrowdSec
Collaborative intrusion prevention: parse logs, apply scenarios, share reputation (optional), and block via bouncers (firewall, nginx, Cloudflare).
Security & Privacy
MISP
Threat intelligence sharing platform: IOCs, galaxies, taxonomies, sync between communities, and API automation.
Security & Privacy
OpenCTI
Open cyber threat intelligence platform with knowledge graph, connectors (MISP, STIX/TAXII), and investigation UI.