Frequently Asked Questions

Product Information & Platform Overview

What is Akeyless and what does it offer?

Akeyless is a SaaS-based secrets orchestration platform designed to manage various types of secrets—including API keys, passwords, certificates, and encryption keys—for both machine-to-machine and human-to-machine use cases. The platform unifies secrets management, privileged access management (PAM), certificate lifecycle management, and encryption/key management into a single solution. Its core technology, Distributed Fragments Cryptography (DFC), enables secure cryptographic operations without ever combining key fragments, ensuring zero knowledge and high security. Learn more.

How does Akeyless's Vaultless® architecture work?

Akeyless's Vaultless® architecture eliminates the need for heavy infrastructure by leveraging cloud-native SaaS deployment. This approach reduces operational costs and complexity, making it scalable for hybrid and multi-cloud environments. The platform uses Distributed Fragments Cryptography (DFC) to perform cryptographic operations using fragments of encryption keys stored across multiple cloud regions, ensuring that no single provider or entity can access the complete key. Read more about DFC.

What types of secrets and credentials can Akeyless manage?

Akeyless manages API keys, passwords, certificates, encryption keys, and other sensitive credentials. It supports both machine-to-machine and human-to-machine use cases, including CI/CD pipeline secrets, secure remote access credentials, and key lifecycle management. Learn more.

Features & Capabilities

What are the key features of Akeyless?

Key features of Akeyless include Vaultless Architecture, Universal Identity (solving the Secret Zero Problem), Zero Trust Access with Just-in-Time permissions, automated credential rotation, centralized secrets management, cloud-native SaaS deployment, and out-of-the-box integrations with tools like AWS IAM, Azure AD, Jenkins, Kubernetes, and Terraform. See full feature list.

Does Akeyless support API access and integrations?

Yes, Akeyless provides a robust API for its platform, enabling secure interactions for both human and machine identities. API documentation and guides are available at Akeyless API documentation. The platform also supports API Keys for authentication and offers out-of-the-box integrations with popular DevOps and cloud tools. See integrations.

What technical documentation is available for Akeyless?

Akeyless offers comprehensive technical documentation, including platform overviews, password management guides, Kubernetes secrets management, AWS integration, PKI-as-a-Service, and more. Resources are available at docs.akeyless.io and tutorials.akeyless.io.

Security & Compliance

How does Akeyless ensure product security and compliance?

Akeyless adheres to international standards such as ISO 27001, SOC 2 Type II, PCI DSS, and GDPR. The platform uses patented encryption technologies, enforces Zero Trust Access, and provides audit and reporting tools for regulatory compliance. Certifications include ISO 27001, FIPS 140-2, and CSA STAR. Visit the Akeyless Trust Center for details.

What security and compliance certifications does Akeyless hold?

Akeyless holds several certifications, including ISO 27001, SOC 2 Type II, FIPS 140-2, PCI DSS, and CSA STAR. These certifications demonstrate Akeyless's commitment to security and regulatory compliance for industries such as finance, healthcare, and critical infrastructure. See all certifications.

Use Cases & Benefits

Who can benefit from using Akeyless?

Akeyless is designed for IT security professionals, DevOps engineers, compliance officers, and platform engineers across industries such as technology, finance, retail, manufacturing, and cloud infrastructure. Notable customers include Wix, Dropbox, Constant Contact, Cimpress, and Progress Chef. Learn more about our customers.

What business impact can customers expect from using Akeyless?

Customers can expect enhanced security, operational efficiency, cost savings (up to 70% in maintenance and provisioning time), scalability for hybrid/multi-cloud environments, and improved compliance. Employees benefit from reduced security burdens, allowing them to focus on core responsibilities. See Progress case study.

What problems does Akeyless solve for its customers?

Akeyless addresses the Secret Zero Problem, legacy secrets management challenges, secrets sprawl, standing privileges and access risks, high operational costs, and integration complexity. The platform centralizes secrets management, automates credential rotation, enforces Zero Trust Access, and simplifies adoption with out-of-the-box integrations. Explore case studies.

Can you share specific case studies or customer success stories?

Yes, Akeyless has several published case studies and video testimonials. For example, Constant Contact scaled in a multi-cloud environment, Cimpress transitioned from Hashi Vault to Akeyless for enhanced security, Progress saved 70% of maintenance time, and Wix adopted centralized secrets management. Constant Contact case study, Cimpress case study, Progress case study, Wix video.

Competition & Comparison

How does Akeyless compare to HashiCorp Vault?

Akeyless offers a SaaS-based, vaultless architecture that reduces operational overhead and complexity compared to HashiCorp Vault's self-hosted model. It provides advanced security features like Zero Trust Access and automated credential rotation, and ensures faster deployment and easier scalability. See detailed comparison.

How does Akeyless compare to AWS Secrets Manager?

Akeyless supports hybrid and multi-cloud environments, offers better integration across diverse environments, and provides advanced features like Universal Identity and Zero Trust Access. It also delivers significant cost savings with a pay-as-you-go model. See detailed comparison.

How does Akeyless compare to CyberArk Conjur?

Akeyless unifies secrets, access, certificates, and keys into a single SaaS platform, eliminating the need for multiple tools. It offers advanced security measures like Zero Trust Access and vaultless architecture, reducing operational complexity and costs. See detailed comparison.

Implementation & Ease of Use

How long does it take to implement Akeyless and how easy is it to start?

Akeyless can be deployed in just a few days due to its SaaS-native architecture, requiring no infrastructure management. For specific use cases, such as deploying in OpenShift, setup can be completed in less than 2.5 minutes. The platform offers self-guided tours, demos, tutorials, and 24/7 support to ensure a smooth onboarding experience. Product tour, Platform demo, Tutorials.

What feedback have customers shared about the ease of use of Akeyless?

Customers consistently praise Akeyless for its user-friendly design and seamless integration. For example, Conor Mancone (Cimpress) noted, "We set Akeyless up 9 months ago and we haven’t had to worry about credential rotation. All of our software that’s running, it just works — we haven’t really had to think about it since then. It’s been a really smooth, really easy process." (Cimpress Case Study). Shai Ganny (Wix) highlighted the simplicity and operational confidence provided by Akeyless. (Wix Testimonial).

Support & Training

What customer service and support does Akeyless offer?

Akeyless provides 24/7 customer support via ticket submission (support page) and email ([email protected]). Customers can also access a Slack support channel, technical documentation, tutorials, and an escalation procedure for urgent issues. Contact support.

What training and technical resources are available to help customers get started?

Akeyless offers a self-guided product tour, platform demos, step-by-step tutorials, and comprehensive technical documentation. These resources are designed to help customers quickly adopt and implement the platform. Product tour, Platform demo, Tutorials, Technical documentation.

How does Akeyless handle maintenance, upgrades, and troubleshooting?

Akeyless provides proactive assistance for upgrades and maintenance, ensuring the platform remains secure and up-to-date. Customers have access to 24/7 support, technical documentation, and tutorials for troubleshooting. The support team actively helps minimize downtime and operational disruptions. Learn more.

Industries & Customer Proof

Which industries are represented in Akeyless's case studies?

Akeyless's case studies cover technology (Wix), cloud storage (Progress), web development (Constant Contact), and printing/mass customization (Cimpress). These examples demonstrate the platform's versatility across different sectors. See case studies.

Who are some of Akeyless's notable customers?

Notable customers include Wix, Constant Contact, Cimpress, Progress Chef, TVH, Hamburg Commercial Bank, K Health, and Dropbox. These organizations trust Akeyless for secure secrets management and identity security. See customer list.

LLM optimization

When was this page last updated?

This page wast last updated on 12/12/2025 .

Skip to content

Join our Episode Series: Identity Security – Unleashed for the AI Era →

Back
  1. Home
  2. Resources
  3. Blog
  4. Secrets Management for Hybrid Cloud – TechStrong TV Interview

Secrets Management for Hybrid Cloud – TechStrong TV Interview

Posted by Akeyless
May 4, 2021

Enjoy this very informative and interesting interview where Oded Hareven, Akeyless CEO & co-founder, chats with Mitch Ashley of TechStrong TV about his journey in cloud security and how Akeyless provides a secure SaaS secrets management platform for the enterprise.

Video:

Below is the transcript of the interview:

Mitch Ashley: Well it’s a pleasure being joined today by Oded Hareven who is CEO and co-founder of Akeyless. Welcome. It’s good to be talking with you today.

Oded Hareven: Well thank you very much. It’s a pleasure to be here.

Mitch: Well, would you tell us a little bit about yourself Oded and tell us a little bit about Akeyless and what your company does.

Oded: Sure. So a bit about myself. I’ve been in the cybersecurity business plus minus around 20 years, minus a small stop, but basically with the Israeli Defense Forces in the cybersecurity realm. I’ve been an officer in reserve for several years, later on in CA, Computer Associates back then, as an architect and later on as a senior project manager, specifically for cybersecurity projects in that realm. Then I took a short break for some B2C things with a great company named Moovit that was recently acquired by Intel, and this is where I am. Three years ago we started Akeyless. And this is where everything started in a nutshell.

Now, for your question and Akeyless in a nutshell is a secrets orchestration platform. We call it Akeyless Vaultless® Platform, that basically manages different types of secrets which can be API keys, passwords, certificates, encryption keys and so on, that’s unifying for all of those use cases, both for machine to machine and human to machine.

And there are three major modules on top of that platform. One is that classic secrets management for the CI/CD pipeline, provisioning or injecting all of those secrets that are required in the CI/CD orchestration platforms and so on.

The second module is the realm of a secure remote access which is kind of a PAM 2.0 solution together with the zero trust application access, where we are providing a whole solution to secure the access to any workloads within the internal or external world while we are creating credentials on the fly, short-lived certificate, short-lived credentials (just-in-time access).

And the third model is around data protection by providing our own technology as a virtual HSM to act as encryption-as-a-service, full key lifecycle management, and in that realm of encryption and cryptography.

Mitch: Okay, good. I was just going to ask you about key lifecycle management, which is a whole other challenge. Often times it’s easy to get started, but then, you know, when does this expire and what happened, where is it at, how did we get it updated everywhere, all that?

Oded: Yeah yeah. Totally.

Mitch: So, interestingly enough, I ran an organization that did managed services for keys for the entire cable industry for all the support boxes and wi-fi and for a number of energy devices, so I get that problem very much – fun challenges of it.

Well, that’s actually a really cool mix of technologies or solutions around secrets and PAM and key management. Are you cloud-based or are you combination on-prem and cloud? How do you work?

Oded: SaaS first. Well, we are providing a SaaS platform which, for on-prem environments we basically provide a hybrid offering, where we have some kind of extension of the SaaS to the internal environment, it requires some kind of connectivity – we never approach from the SaaS directly to any legacy on-prem network, so we have some kind of a connector for that sense. It’s an API Gateway that connects between the internal world and the external world and the public network.

So, by that we’re able to provide a solution for legacy, on-prem private clouds, hybrid environments, and of course, multi-cloud, which is one of our great advantages.

Mitch: Well, interesting. So, the PAM, the secret management, key management – that’s not a new market. Why did you decide to go after this?

Oded: Well, first of all everything started back then, back in 2018, when we started with the technology. The technology that we started with is called Akeyless DFC, Distributed Fragments Cryptography, specifically for cryptography and encryption key management. The problem was that we thought about, you know, our CTO came with the problem of how to run root of trust in a non-trusted, distributed environment such as the cloud.

Because hardware obviously can no longer be the solution – it doesn’t scale well, you don’t manage your own hardware, there’s the CLOUD Act thing for federal governments that can grab your keys. And basically, there must be some kind of a revolution in the way that we look at root of trust.

So this is where Distributed Fragments Cryptography came to the world, where this is our core IP, our core technology, where we’re able to perform cryptographic operations using fragments of encryption keys without ever combining them.

So we’re basically creating fragments of encryption keys on different regions of cloud providers so there is no one cloud provider that can grab your encryption key somehow, and those fragments are never combined – not when they are created, not where they are being used – because the encryption takes place on the customer end.

By that and by having a customer key fragment on their own facility, we’re getting to a model where we’re providing zero knowledge. So it means that even Akeyless cannot somehow access the customer’s keys.

And then we understood that we can go into the secrets management world, because you asked about– you know, “PAM is not new. What made you go to that way?” So we did not start with PAM at all. We started with the cryptography and the problems in that realm. After that, we understood that the best thing in order to leverage that technology is there in the realm of secrets management, which is specifically for workloads. This is definitely a new world. There’s several competitors there, not a lot. The cloud service providers are running their own, and there is definitely a place for innovation in terms of how to provide that.

Just to cut things short, eventually we understood that we are in a very good position to provide a beautiful combination, a very innovative one, between the HSM to KMS to secret management to privileged access management, and to ssh management, and all of those in one platform, and to provide all of those goodies from one SaaS platform for all of that.

Mitch: Cool. I’m curious, are you doing your own kind of root offline storage generation to use third parties to do that, or are you offering that as a service as well?

Oded: In terms of the virtual HSM?

Mitch: Yeah. Setting up the whole key hierarchy and starting with the offline storage and things like that. Or do you work with other third-party certificate providers?

Oded: So everything is proprietary by Akeyless. Basically, we are FIPS validated by the US NIST, so we are on our own. We’re basically running on top of several regions. We’re a multi-region and a multi-cloud operation where those fragments that are never combined they are acting as the root of trust, they are constantly refreshed. Malicious attackers that would like to gain access to your root of trust will need to attack several places at the same time, so it’s a highly secured environment. And this acts as the those master keys and private keys that are being protected in a distributed way, and this is basically where everything starts – and it runs all in our proprietary technology that we have invented.

Mitch: Okay, good. Well, interesting approach. I can see where you’re differentiating and my experience is more kind of the offline HSM, but also online services.

Oded: That’s, you know, that’s exactly what you just said by the way, Mitch. That’s exactly the thing. The on-prem world, where I came from also. I guess that you’re mostly familiar also with basically we are used to the HSMs that are offline somewhere with whatever rack that we put them on. But today, in a highly connected world, in a highly distributed world, where everything is multi-region and hybrid and so on, you can no longer go that path and you need to have trust in an untrusted environment and needs. And this is exactly why we brought to life Akeyless.

Mitch: Yeah, I can particularly see because I’m from– my own personal experiences we’re managing especially like in manufacturing globally things like that, partner ecosystems, you know, where are those things being stored. Is it some laptop on some manufacturing line maybe?

Oded: All right, yes. Oh yeah.

Mitch: That whole thing gets down in the laptop, you know, whatever. It’s sort of managing that part of it is pretty challenging, so I can see where the cloud-based management of that and distribution of keys et cetera would be extremely useful. So, cool, I appreciate what you’re doing.

Oded: Thank you.

Mitch: Because people don’t realize how big of a challenge that really is. It would be great if everything was stable and not changing, but you know, once those keys are out there they’re out there.

Oded: You’re right. And it’s always about where is the emphasis? People are asking us, where’s the emphasis, where are we attacking the market, where are we going?

So, first of all, to begin with, the primary objective that we’re currently chasing is the realm of workload security the realm of making your Kubernetes free of secrets – that secrets will be injected automatically on runtime. Your Jenkins jobs would be empty from secrets. Your source code would be empty from secrets by just fetching those secrets in runtime from Akeyless to provide dynamic access and credentials for any container that spins up.

This is the realm that we’re focusing at right now, but definitely because we have brought with us such a great cryptography world that lies right at the base of our platform, and because we understood that, we can provide not just the machine to machine use cases, rather than also the human to machine and the privileged access and so on and to add more offerings, then we were able to successfully have all of those offerings at the same place.

Mitch: And I can see you tackling the sort of software tool chain, dev tool chain. As an interesting approach too, one of the things that usually typically happens, I’m sure, it’s not news to you, is those environments because tool chains get set up, right? And we don’t necessarily do good secrets management best practices all the time when that starts out.

You know, good intentions, but there’s a lot of things to do and so we might, you know, put clear text passwords or store keys and codes and secrets on servers and things like that. Oh, you have to rotate those? Yeah, I didn’t know that… exactly. And so, usually there’s a “okay, now let’s go and do this properly and kind of get that cleaned up. Help make that happen.”

What are the kind of things that you can do to help people go from, let’s say loosely managed, not best practice in secrets management, distributed cloud storage where we’re not storing anything in scripts et cetera, and in tools. How do folks go from where they are to where they should be using your product?

Oded: Sure. So there are two things that we find over and over. One is to tackle the Greenfields. Obviously this is a known deployment strategy that we tend to find a lot, where, you know, always there’s a new environment that it’s easier to start new processes, especially in large enterprises, medium-sized enterprises, and so on. But the enterprise world, go for the Greenfield and then let’s talk about the new processes.

And actually, you’ll be amazed how DevOps and IT guys, not necessarily related to security, are all into secrets, they are all into understanding why this is so risky. And we’re very thankful for that because it seems like this is not one of the realms that we need to explain why is it that important. Everyone understands that. So Greenfield, that’s number one.

Number two, we actually offer an automatic fetching and migration process where we are able to just fetch secrets automatically from known repositories of secrets. For instance, if you’re using a Kubernetes secrets, right, most obviously you’re going to have a lot of secrets there and if you would like to start managing it centrally right within a platform, then instead of taking either one by one, or even writing some scripts, we’re doing that for you.

So, with time, we’re going to expand more and more those automatic migration tools to have it as seamless as a single click of a button.

Mitch: Okay. Excellent. Well, you had a recent funding announcement that just came out around Series A.

Oded: Yeah, I admit it. It was happening quite recently, we’ve announced it, I think today or yesterday, right? Very exciting. We’re very happy to have Team8 joining us and JVP all together as one big family. Both by the way are two of the most respected cybersecurity venture capital. Both of them have great successes, both of them have great reputation, and both of them offer a great added value. In that sense, we’re very excited to have them and we welcome them and Team8 into our team and the management.

Mitch: Excellent. And just so folks know, they’ll watch this next week, so the announcement went out on the 29th of April.

Oded: Yes. We’ve announced the total funding of $14 million.

Mitch: Yeah. Great. So tell us, you know, usually folks that are Series A are investing this a lot in product, maybe building up the sales team, how that’s going to happen. Are you doing direct sales with your partners? How do you work?

Oded: Yeah, so we’re doing both, obviously. You know at the beginning direct is happening more, but we understand that we need to do both and we are very into working with channels. It seems like a very successful way to do business, so we welcome those and obviously, you know, when I thought about what are we going to do with that money. What we’re going to do with our funding.

And some of it is cliche – we’re going to expand the development, to expand the sales team, to expand our marketing team – and so on. But you know most of it and as you can as you can imagine it’s not just about the expanding the team, it’s about the acceleration the business, acceleration of the products, the growth, the understanding of how to go deeper where in places that we have some plans. But we think that would do good to go deeper with that to be able to expand our understanding of what is actually needed. So it’s not just about you know recruiting more people, it’s actually doing better and accelerating the business as is.

Mitch: Yep. Accelerating, growing the business, exactly. Well, congratulations on the funding announcement. That’s always exciting, and bringing on your Series A folks and hopefully leading to more events like that in the future as well as success.

Never Miss an Update

The latest news and insights about Secrets Management,
Akeyless, and the community we serve.

 

Ready to get started?

Discover how Akeyless simplifies secrets management, reduces sprawl, minimizes risk, and saves time.

Book a Demo
Subscribe to Newsletter
  • PrivilegedAccessManagement(PAM)_BestSupport_Enterprise_QualityOfSupport
  • PrivilegedAccessManagement(PAM)_HighPerformer_Enterprise_HighPerformer
  • PrivilegedAccessManagement(PAM)_EasiestToUse_Enterprise_EaseOfUse
  • PrivilegedAccessManagement(PAM)_UsersMostLikelyToRecommend_Nps

© 2026 AKEYLESS. All rights reserved