What is Secrets Hub?

Secrets Hub is a CyberArk SaaS solution that addresses the challenge of managing multiple security platforms in the cloud.

Industry challenge: Lack of centralized secret management

In many enterprises today, a high proportion of user name and password credentials are not managed centrally, but are managed in security islands. As a result, security admin users do not have one place to control and manage all enterprise secrets. It's also difficult, if not impossible, for security admin to enforce a unified security standard across the organization.

Another obstacle to centralized secret management is that application owners developers prefer to work natively, without having to manage security and password rotation.

Solution: Securing cloud secrets with Secrets Hub

Secrets Hub is a CyberArk SaaS solution that facilitates centralized control of secrets in one place.

Secrets Hub acts as a trusted connector between cloud applications that run on cloud platforms (AWS or Microsoft Azure) and CyberArk PAM - Self-Hosted. The secrets managed separately by multiple cloud platform applications are securely integrated with CyberArk PAM - Self-Hosted. This integration enables your enterprise to securely manage its cloud secrets and enforce security policies on those secrets. As a unified centralized hub, Secrets Hub manages your enterprise secrets without affecting developer velocity.

Secrets Hub allows your enterprise to:

  • See where all secrets are managed in the cloud via a single pane of glass

  • Automate granting machine identity to applications and processes

  • Deploy applications so they can seamlessly authenticate with the resources they need

  • Centrally manage access control

  • Audit all connections and monitor for unusual behavior

  • Manage and enforce security policies on all cloud platform secrets

Benefits of Secrets Hub

Both security and developer teams benefit from leveraging Secrets Hub within an enterprise:

Benefits to Security teams Benefits to Developer teams

  • Ability to access all cloud application secrets via a single pane of glass

  • Ability to govern secrets from CyberArk PAM - Self-Hosted

  • Ability to determine password rotation schedule and retrieval

  • Unified audit, access control and administration system

  • Ability to secure the application and continue working natively in the cloud without any impact on workflows

  • Provision of a native cloud experience

  • No need to change tools

  • Reduced need for extra development

Secrets Hub on CyberArk's Identity Security Platform Shared Services

Secrets Hub is accessed via CyberArk's Identity Security Platform Shared Services (ISPSS). 
ISPSS is a platform that provides a unified admin and end user experience for CyberArk SaaS services, by providing shared services for identity administration and audit. For more details on ISPSS, see ISPSS docs.