Cyber Tool Stack
All tools
KMSOpen source · MPL-2.0

OpenBao

Community project

A community-governed fork of HashiCorp Vault, created in 2023 after Vault's license changed away from an OSI-approved open-source license, rebuilding the same secrets-management and encryption-as-a-service features under a fully open MPL-2.0 license. Joined the Linux Foundation's Open Source Security Foundation (OpenSSF) in 2025, and remains in the foundation's early Sandbox stage as of mid-2026.

Verified Source: 1

Product type
Community project
Deployment
On-premCLI
Organization size
SMBMid-marketEnterprise
Pricing tier
Free

Capability checklist

KMS

How OpenBao measures up against the full Encryption & Key Management taxonomy.

Centralized key lifecycle management — supported
Creates, distributes, rotates, and retires encryption keys from one system.
HSM-backed key storage — not supported
Stores the most sensitive keys in dedicated hardware security modules.
Encryption enforcement — supported
Ensures data at rest and in transit is actually encrypted, not just capable of it.
Automated key rotation — supported
Rotates keys on a schedule without requiring manual intervention.
BYOK / HYOK cloud support — not supported
Lets customers bring or hold their own keys for data stored in cloud provider services.
Access audit logging — supported
Logs every use of a key for security review and compliance evidence.

Alternatives

Other Encryption & Key Management tools with overlapping capabilities, sized for similar teams.

Search Cyber Tool Stack

Jump to any tool, vendor, category, or glossary term.