Skip to main content

Securosys Primus HSM integration with Delinea Secret Server

Delinea Secret Server is an enterprise-grade password vault and privileged credential management solution that helps organizations secure their most sensitive accounts and secrets. As a key part of Delinea’s Privileged Access Management (PAM) platform, Secret Server provides a centralized, encrypted repository for managing credentials such as admin passwords, service accounts, SSH keys, and API secrets. It automates password rotation, enforces access controls, and monitors usage to reduce the risk of credential theft or misuse.

Designed for fast deployment and scalability, Secret Server supports both on-premise and cloud environments, integrating easily with Active Directory, MFA, SIEM, and ITSM tools.

In addition to its seamless integration with these enterprise systems, Delinea Secret Server also easily integrates with Securosys Primus HSMs, whether deployed on-premise (Primus HSM) or in the cloud (CloudHSM).

This integration enables organizations to offload key management and cryptographic operations to a highly secure, tamper-resistant hardware environment—further strengthening the protection of privileged credentials and ensuring compliance with strict security standards.

Benefits of integrating Securosys Primus HSM with Delinea Secret Server:

  • Stronger Key Protection: Encryption keys are generated and stored securely within the HSM, never exposed in application memory or software layers.
  • Compliance and Certification: Supports FIPS 140-2 Level 3 and Common Criteria EAL4+, helping meet compliance for regulations like GDPR, PCI-DSS and others.
  • Tamper-Resistant Architecture: Offers robust protection against physical and logical tampering, enhancing trust in credential storage and encryption.
  • High Availability and Redundancy: Clustered HSM deployments enable automatic failover, load balancing, and continuous operation.
  • Secure Backup and Key Escrow: Ensures cryptographic materials are safely backed up and recoverable only within the same HSM trust boundary.
  • Cryptographic Offloading: Performs encryption, decryption, and signing operations in hardware, improving performance and offloading CPU resources.
  • Flexible Deployment: Supports both on-prem and cloud-native architectures, allowing organizations to maintain a consistent security model across environments.

Integration Procedure

The integration between Secret Server and Primus HSM is documented by Delinea in their Online Documentation.

A quick overview of the steps:

  1. Prerequisites, ensure you adhere to the prerequisites described by Delinea.
  2. HSM and Provider configuration, configure the Secuorsys MS CNG and Securosys PKCS#11 Providers.
  3. Connect the HSM with the Secret Server
Get started withCloudHSM for free.
Other questions?Ask Sales.
Last updated on
Feedback
Need help?