Cisco got hacked through a security scanner(vaultproof.dev) |
Cisco got hacked through a security scanner(vaultproof.dev) |
To fix this, let's add another third-party security service and give it all the sensitive information. I am sure it won't get hacked!
VaultProof solves that specific moment. The key never exists as plaintext in your app or pipeline.
And even if VaultProof gets hacked, that is the whole point. We only store shares. Individual shares are mathematically useless. An attacker who completely owns our infrastructure still gets nothing they can use.
There is nothing to steal. That is the architecture.
Compromise VaultProof and you get worthless shares.