People and process considerations
Implementing Vault Radar requires clear definition of roles and responsibilities across your organization. Different teams need varying levels of access and permissions to effectively manage secret detection and remediation workflows. The following outlines the key stakeholders involved in Vault Radar operations and their recommended access levels:
- Developer and operations (DevOps) teams receive alerts when Vault Radar identifies a secret in a data source. They are typically granted the viewer role, which allows them to view events, or the contributor role, which allows them to update remediation states.
- Security operations (SecOps) teams onboard data sources, set up alerts, understand secret sprawl, generate reports, and assign remediation tasks. SecOps teams also own the task of identifying and managing the remediation of secret sprawl at the company level. To perform these tasks, assign each member the admin role. The admin role grants broad read/write capabilities and provides the ability to onboard new users, delete projects, and configure platform-level settings.
- The chief information security officer (CISO) and their team need insight into how effective the various teams are at eliminating hard-coded secrets from code and moving them to a secrets manager like HashiCorp Vault. Assign this team the viewer role so that they can only view the dashboard and its information.
- Platform teams/HCP administrators configure and administer the tool, including integrations (data sources, alerting, ticketing), agents, and remediations. Although this role overlaps with the SecOps team, it works in collaboration with them. Assign this team the admin role.