Application Passwords & Secrets Vault

Secure and Manage Application Secrets

Prevent cyber-attacks that target application passwords or secrets and streamline operations by eliminating hard-coded, plain text account passwords from scripts and applications. Leveraging Centrify Vault Suite, applications and scripts authenticate and retrieve passwords securely without human intervention, enabling organizations to enforce privileged access security policies and prove compliance. At the same time, you can vault all your secrets — be it IP addresses, SSH keys, or others.

Eliminate Hardcoded Secrets and Application Passwords

Automate application access to vaulted privileged service accounts by replacing passwords within your code with a script requesting password checkout.
Ensure only trusted applications can request privileged account credentials by identifying and validating system accounts before password retrieval.
Eliminate per application service accounts by leveraging machine identities and delegated machine credentials. Grant apps scoped access to Vault Suite.
Increase security with federated authentication and short-lived tokens for applications versus creating service accounts that expand the attack surface.
no passwords

Eliminate Passwords from Scripts and Applications

Privileged account credentials create risk when embedded in scripts and applications, stored in plain text, and not rotated. This leaves organizations vulnerable to cyberthreats that leverage account credentials as their primary attack vector. Minimize your organization’s attack surface by eliminating passwords in scripts and applications and automating the retrieval of secrets at run-time with Centrify Vault Suite.


Secure Application Access to Privileged Account Credentials

Ensure only trusted applications can access privileged account credentials by identifying and validating both system and user account before password retrieval. During the script or application execution, the system and the account are validated by Centrify Vault Suite, enabling password retrieval using a secure one-time password service.

Password sprawl

Centrally Manage Secrets to Reduce Secrets Sprawl

Centrally store, access, and distribute secrets like API keys, AWS IAM credentials, SQL/NoSQL databases, X.509 certificates, SSH credentials, IP addresses, and more. Avoid vault sprawl by leveraging a native, cloud-based vault service with a scalable connector framework.


Automate Management of Privileged Account Credentials

Securely store and manage application credentials and secrets with Centrify Vault Suite, which encrypts and stores those credentials in the cloud-ready Centrify Platform or in the SafeNet KeySecure management appliances from Gemalto. Centrally managed application credentials are periodically rotated using your enterprise-wide password policies to increase security, ensure application uptime and simplify compliance.

Dedicated Machine

Empower Cloud and DevOps Teams

Non-human identities represent the majority of “users” in DevOps and cloud environments where task automation is key. Agility and fast-paced development requires a new means of application-to-application password management. Rather than manually establishing service accounts for each application, the Centrify Client delegates its own credential. Subsequently, the applications can use the Centrify Delegated Machine Credential to authenticate to the Centrify Vault Suite and access its APIs.

Centrify Application Password Management

Watch this video to learn how to minimize your organization’s attack surface by eliminating passwords in scripts and applications and automating the retrieval of secrets at run-time with Centrify Server Suite.

Learn More About Centrify Vault Suite

Ready to Protect Against the #1 Attack Vector?

Register for a 30-day trial of Centrify's Privileged Access Management (PAM) software to minimize your attack surface and control privileged access to your hybrid environment.

Free Trial