Secrets management that developers ❤️
Manage secrets across your team and infrastructure with a fully auditable end-to-end encrypted secrets management service
We never see your secrets
Your data is stored fully encrypted, so we never see or generate the encryption keys. These keys are created locally on your machine with OpenSSL’s AES-256-CBC symmetric encryption cipher to keep your data fully encrypted at all times.
Integrate with your stack
ENV Integrates with popular cloud providers, CI/CD tools and developer frameworks so that you can automatically inject secrets during the build and deployment process
default
env.dev
env.prod
env.local
No hassle multi-environment config
Manage secrets for any environment—development, production, local, or custom—with the .env files you’ve always used.
Secure and Simple Secrets Management
No Downtime Key Rotation
Update encryption keys without interrupting the functionality of your apps, ensuring both security and operational continuity
Precise Access Control
Manage access to your secrets by, user, environment, and IP address, ensuring the right people and services have the right access
Versioning and Recovery
View past versions of your secrets for any environment, making it simple to revert when needed
Log All The Things
Every access attempt, success or fail, is logged in detail, providing full visibility into who is accessing your secrets and from where
Config Inheritance
Define values once at the app level and inherit them across all environments, reducing the risk of misconfiguration
Safety Checks
We’ll warn you when you’re about to push your local changes to secrets that have been changed since you last pulled.
Environment Firewalls
Control access to your secrets by creating allow/deny firewalls by IP and subnets. You can setup progressively more strict firewalls on more production environments.
Intuitive CLI
An intuitive CLI that makes managing your app’s secrets and configurations fast and effortless.