Application Passwords & Secrets Vault

Secure and Manage Application Secrets

Prevent cyber-attacks that target application passwords or secrets and streamline operations by eliminating hard-coded, plain text account passwords from scripts and applications. Leveraging Centrify Privileged Access Service applications and scripts authenticate and retrieve passwords securely without human intervention, enabling organizations to meet compliance and security policies. At the same time, you can vault all your secrets — be it IP addresses, SSH keys or others.

Eliminate Hardcoded Secrets and Application Passwords

no passwords

Eliminate Passwords from Scripts and Applications

Privileged account credentials are frequently embedded in scripts and applications, stored in plain text and not rotated. This leaves organizations vulnerable to cyberthreats that leverage account credentials as their main attack vector. Minimize your organization’s attack surface by eliminating passwords in scripts and applications and automating the retrieval of secrets at run-time with Centrify Privileged Access Service.


Secure Application Access to Privileged Account Credentials

Ensure only trusted applications can access privileged account credentials by identifying and validating both system and user account prior to password retrieval. Both the system and the account under which the script (or application) is run are validated by Centrify Privileged Access Service, which then enables password retrieval using a secure one-time password service.

Password sprawl

Centrally Manage Secrets to Reduce Secrets Sprawl

Centrally store, access, and distribute secrets like API keys, AWS IAM credentials, SQL/NoSQL databases, X.509 certificates, SSH credentials, IP addresses, and more. Avoid vault sprawl by leveraging a native, cloud-based vault service with a scalable connector framework.


Automate Management of Privileged Account Credentials

Securely store and manage application credentials and secrets with Centrify Privileged Access Service, which encrypts and stores those credentials in the cloud-ready Centrify Zero Trust Privilege Services or in the SafeNet KeySecure key management appliances from Gemalto. Centrally managed application credentials are periodically rotated using your enterprise-wide password policies to increase security, ensure application uptime and simplify compliance.


Empower Cloud and DevOps Teams

Nowadays, non-human identities represent the majority of “users” in many organizations. This is especially true in DevOps and cloud environments, where task automation plays a dominant role. Agility and fast-paced changes in today’s IT environment require new means of application-to-application password management. Rather than manually establishing service accounts for each application, the local Centrify Client can delegate its own credential. Subsequently, the applications can use the Centrify Delegated Machine Credential to authenticate to the Centrify Privileged Access Service and access its APIs. It’s safe, secure, and easy to turn on.

Learn More About Centrify and Application Passwords & Secrets Vault

Centrify Privilege Access Service in Action

Centrify Application Password Management

Watch this video to learn how to minimize your organization’s attack surface by eliminating passwords in scripts and applications and automating the retrieval of secrets at run-time with Centrify Privileged Access Service.

Ready to Protect Against the #1 Attack Vector?

Register for a 30-day trial of Centrify's Privileged Access Management (PAM) software to minimize your attack surface and control privileged access to your hybrid environment.

Free Trial