Home
DevOps
Build, Test, Deploy
Secrets Management

Strongbox vs Vault

Need advice about which tool to choose?Ask the StackShare community!

Strongbox
0
5
+ 1
0
Vault
795
794
+ 1
71
Add tool

Strongbox vs Vault: What are the differences?

Developers describe Strongbox as "A secret manager for AWS". Strongbox is a CLI/GUI and SDK to manage, store, and retrieve secrets (access tokens, encryption keys, private certificates, etc). Strongbox is a client-side convenience layer on top of AWS KMS, DynamoDB and IAM. It manages the AWS resources for you and configure them in a secure way. On the other hand, Vault is detailed as "Secure, store, and tightly control access to tokens, passwords, certificates, API keys, and other secrets in modern computing". Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log.

Strongbox and Vault can be primarily classified as "Secrets Management" tools.

Some of the features offered by Strongbox are:

  • Serverless
  • Simple access model
  • Encryption

On the other hand, Vault provides the following key features:

  • Secure Secret Storage: Arbitrary key/value secrets can be stored in Vault. Vault encrypts these secrets prior to writing them to persistent storage, so gaining access to the raw storage isn't enough to access your secrets. Vault can write to disk, Consul, and more.
  • Dynamic Secrets: Vault can generate secrets on-demand for some systems, such as AWS or SQL databases. For example, when an application needs to access an S3 bucket, it asks Vault for credentials, and Vault will generate an AWS keypair with valid permissions on demand. After creating these dynamic secrets, Vault will also automatically revoke them after the lease is up.
  • Data Encryption: Vault can encrypt and decrypt data without storing it. This allows security teams to define encryption parameters and developers to store encrypted data in a location such as SQL without having to design their own encryption methods.

Strongbox and Vault are both open source tools. Vault with 13.2K GitHub stars and 1.98K forks on GitHub appears to be more popular than Strongbox with 244 GitHub stars and 21 GitHub forks.

Manage your open source components, licenses, and vulnerabilities
Learn More
Pros of Strongbox
Pros of Vault
    Be the first to leave a pro
    • 17
      Secure
    • 13
      Variety of Secret Backends
    • 11
      Very easy to set up and use
    • 8
      Dynamic secret generation
    • 5
      AuditLog
    • 3
      Privilege Access Management
    • 3
      Leasing and Renewal
    • 2
      Easy to integrate with
    • 2
      Open Source
    • 2
      Consol integration
    • 2
      Handles secret sprawl
    • 2
      Variety of Auth Backends
    • 1
      Multicloud

    Sign up to add or upvote prosMake informed product decisions

    What is Strongbox?

    Strongbox is a CLI/GUI and SDK to manage, store, and retrieve secrets (access tokens, encryption keys, private certificates, etc). Strongbox is a client-side convenience layer on top of AWS KMS, DynamoDB and IAM. It manages the AWS resources for you and configure them in a secure way.

    What is Vault?

    Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log.

    Need advice about which tool to choose?Ask the StackShare community!

    Jobs that mention Strongbox and Vault as a desired skillset
    Executive Assistant to Head of Product and Head of Engineering
    Postman
    Berkeley, United States OR San Francisco, United States
    View Job Details
    guidanceageReflect+7
    What companies use Strongbox?
    What companies use Vault?
      No companies found
      Manage your open source components, licenses, and vulnerabilities
      Learn More

      Sign up to get full access to all the companiesMake informed product decisions

      What tools integrate with Strongbox?
      What tools integrate with Vault?

      Sign up to get full access to all the tool integrationsMake informed product decisions

      Blog Posts

      Transforming the Management of Application Configurations &...
      Dec 10 2019 at 8:35AM

      HashiCorp

      JavaGitLabJenkins+7
      5
      1756
      What are some alternatives to Strongbox and Vault?
      KeePass
      It is an open source password manager. Passwords can be stored in highly-encrypted databases, which can be unlocked with one master password or key file.
      LastPass
      LastPass Enterprise offers your employees and admins a single, unified experience that combines the power of SAML SSO coupled with enterprise-class password vaulting. LastPass is your first line of defense in the battle to protect your digital assets from the significant risks associated with employee password re-use and phishing.
      KeePassXC
      It is a cross-platform community-driven port of the Windows application “Keepass Password Safe”. It can store your passwords safely and auto-type them into your everyday websites and applications.
      bitwarden
      bitwarden is the easiest and safest way to store and sync your passwords across all of your devices.
      Git
      Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency.
      See all alternatives

      Related Comparisons

      Keywhiz vs VaultDocker Secrets vs Torus CLI vs VaultAWS Secrets Manager vs VaultConfidant vs Torus CLI vs VaultAWS Secrets Manager vs Strongbox

      Trending Comparisons

      Django vs Laravel vs Node.jsBootstrap vs Foundation vs Material-UINode.js vs Spring BootFlyway vs LiquibaseAWS CodeCommit vs Bitbucket vs GitHub

      Top Comparisons

      HipChat vs Mattermost vs SlackBitbucket vs GitHub vs GitLabPostman vs Swagger UIBootstrap vs Materialize