What is Secrets Hub?

Secrets Hub is a CyberArk SaaS solution that addresses the challenge of managing multiple security platforms in the cloud.

Industry challenge: Lack of centralized secret management

In many enterprises today, a high proportion of user name and password credentials are not managed centrally, but are managed in security islands. As a result, security admin users do not have one place to control and manage all enterprise secrets. It's also difficult, if not impossible, for security admin to enforce a unified security standard across the organization.

Another obstacle to centralized secret management is that application owners developers prefer to work natively, without having to manage security and password rotation.

Solution: Securing cloud secrets with Secrets Hub

Secrets Hub is a CyberArk SaaS solution that facilitates centralized control of secrets in one place.

Secrets Hub acts as a trusted connector between cloud applications that run on cloud platforms (AWS or Microsoft Azure) and CyberArk Privilege Cloud. The secrets managed separately by multiple cloud platform applications are securely integrated with CyberArk Privilege Cloud. This integration enables your enterprise to securely manage its cloud secrets and enforce security policies on those secrets. As a unified centralized hub, Secrets Hub manages your enterprise secrets without affecting developer velocity.

Secrets Hub allows your enterprise to:

  • See where all secrets are managed in the cloud via a single pane of glass

  • Automate granting machine identity to applications and processes

  • Deploy applications so they can seamlessly authenticate with the resources they need

  • Centrally manage access control

  • Audit all connections and monitor for unusual behavior

  • Manage and enforce security policies on all cloud platform secrets

Benefits of Secrets Hub

Both security and developer teams benefit from leveraging Secrets Hub within an enterprise:

Benefits to Security teams Benefits to Developer teams

  • Ability to access all cloud application secrets via a single pane of glass

  • Ability to govern secrets from CyberArk Privilege Cloud

  • Ability to determine password rotation schedule and retrieval

  • Unified audit, access control and administration system

  • Ability to secure the application and continue working natively in the cloud without any impact on workflows

  • Provision of a native cloud experience

  • No need to change tools

  • Reduced need for extra development

Secrets Hub on CyberArk's Identity Security Platform Shared Services

Secrets Hub is accessed via CyberArk's Identity Security Platform Shared Services (ISPSS). 
ISPSS is a platform that provides a unified admin and end user experience for CyberArk SaaS services, by providing shared services for identity administration and audit. For more details on ISPSS, see ISPSS docs.