How much does HashiCorp Vault cost?

HashiCorp Vault pricing ranges from $0 to $0 per month across 2 published tiers. Higher tiers require contact with sales for a quote.

What rank does HashiCorp Vault hold in the Privileged Access Management (PAM) category?

HashiCorp Vault ranks #8 of 10 privileged access management (pam) platforms in the Zendikt editorial ranking, last updated 2026-05-17.

HashiCorp Vault review, pricing, and verified intelligence

Best for

Platform engineering and DevSecOps teams (any size) running cloud-native workloads, CI/CD pipelines, and database access patterns that benefit from ephemeral / dynamic secrets.

Worst for

Buyers whose primary PAM need is human-admin session brokering and session recording for Windows/Linux servers; classical PAM vendors (CyberArk, BeyondTrust, Delinea) are better fits.

Vendor Trust Score

Is HashiCorp Vault a trustworthy vendor?

6.9/10

Mixed

Pricing transparency

Published rates; no hidden fees

6.5

Contract fairness

Reasonable terms; no auto-renew traps

7.0

Incident response

How they handle outages and breaches

8.0

Post-acquisition behavior

Customer treatment after M&A or PE

6.5

Executive stability

Leadership churn over 24 months

7.0

Roadmap honesty

Public commitments held

6.5

Trust signal log

2023-08-10

License switch from MPL to Business Source License (BSL)

Triggered OpenTofu (Terraform fork) and OpenBao (Vault fork); lasting community trust impact in open-source-first organizations.
2025-02-27

IBM acquisition closed for $6.4B

Extends enterprise sales reach. Raises long-term roadmap independence and pricing questions that will play out across 2026-2027.
2025-09-15

Post-IBM pricing model still settling

Customer references flag uncertainty about HCP Vault and Vault Enterprise pricing trajectory under IBM ownership.

Vendor Trust is scored independently of product quality. A great product from an unfair vendor still earns a low trust score.

Review Intelligence

What 1,620 reviews actually say

Synthesized from G2, Capterra, Reddit, Trustpilot. Patterns >15% prevalence shown.

Last synthesized

2026-04-29

Praise patterns

De facto secrets management standard in cloud-native estates
87% →
Dynamic secrets for databases and cloud providers
78% →
Deep CI/CD and Terraform integration
71% →
Strong developer community
51% →

Complaint patterns

BSL license switch still resented in open-source community
58% →
Operational complexity to run in production
51% →
Lighter on classical PAM session features
47% →
Post-IBM roadmap and pricing uncertainty
41% ↑

Sentiment trend (6 months)

78/100 0 pts

Patterns are extracted from review corpus and human-verified. We surface trends, not anecdotes.

Verified Pricing

What buyers actually pay

78 anonymized deal disclosures · last updated 2026-05-01

Contribute your deal price

Company size	Median annual	Sample	vs. listed floor
200-1,000 employees	$42,000	32	-
1,000-5,000 employees	$180,000	28	-
5,000+ employees	$540,000	18	-

Verified pricing is crowdsourced from buyers under anonymity guarantees. Vendor-listed prices are validated against actual deals quarterly.

Compliance & Security

Auto-verified certifications

Verified 2026-05-01

SOC 2 Type II

ISO 27001

HIPAA

GDPR

CCPA

PCI DSS

FedRAMP Authorized

Editorial: Strengths

De facto standard for ephemeral secrets management in cloud-native estates
Dynamic secrets for databases, AWS/Azure/GCP credentials, certificates, SSH
Deep CI/CD and Terraform / HashiCorp stack integration
IBM acquisition (Feb 2025) extends enterprise sales reach and financial backing
Strong developer community even after the BSL switch
Public 10-K-grade transparency through both IPO and acquisition

Editorial: Weaknesses

Lighter on session recording and human-admin brokering than legacy PAM
Aug 2023 BSL license switch still poisons trust in the open-source community (OpenTofu / OpenBao forks)
IBM acquisition raises questions about long-term roadmap independence and pricing
Operational complexity is genuine; running Vault HA in production is non-trivial
Vault Enterprise feature gating annoys customers who started on open source

Key features & integrations

+Centralized secrets storage with encryption-as-a-service
+Dynamic secrets for databases, AWS, Azure, GCP, Kubernetes
+PKI / certificate authority engine
+Transit secrets engine (encryption-as-a-service)
+Identity-based access via OIDC, JWT, AppRole, Kubernetes auth
+Audit logging suitable for SOC 2, ISO 27001 evidence
+HCP Vault (managed) and Vault Enterprise (self-managed) deployment options

200+ integrations

TerraformKubernetesAWSAzureGCPGitHub ActionsGitLabJenkinsDatadogSplunkIBM Cloud

Geography supported

Global

Best fit

50-100,000+ employees · Platform engineering and DevSecOps teams of any size

Editorial deep-dive

Read our full ranking of Privileged Access Management (PAM)

HashiCorp Vault ranks #8 in our editorial review of 10 privileged access management (pam) platforms. The deep-dive covers methodology, comparison tables, decision matrix, migration scoring, and FAQs.

Read the full ranking

Closest alternatives in Privileged Access Management (PAM)

WALLIX Bastion

EU-native PAM with strong NIS2 and CSRD compliance fit.

★ 4.3 partial

Netwrix Privilege Secure

Acquisition-built breadth for buyers on the Netwrix data-security stack.

★ 4.3 opaque

ARCON Privileged Access Management

APAC PAM leader with strong Asian financial-services foothold.

★ 4.3 opaque

Help the next buyer

Contribute your verified deal price

Pricing in B2B software is opaque because vendors want it that way. Verified buyer prices fix that, anonymously. Share what you actually paid for HashiCorp Vault; we’ll add it to the verified pricing dataset on this page (with company size band only, no identifying details).

Submit anonymously