Case Study: Cruise achieves frictionless autonomous vehicle security with HashiCorp Vault

Vault at GM Cruise Securing Autonomous Vehicles and the Humans Who Build Them

Cruise Automation, GM Cruise, needed a way to build frictionless security into the workflows of engineers creating and deploying autonomous vehicles. The team had to secure not only the cars themselves, but also the people, applications, and systems around them, while keeping authentication, secret access, and compliance simple enough to avoid slowing development. HashiCorp’s Vault was used as the core product to help standardize and centralize these security processes.

With HashiCorp Vault, Cruise implemented a flexible, API-driven approach to authentication, secret management, PKI/certificate issuance, SSH access, and cryptography as a service. They also built supporting tooling, policy automation, end-to-end testing, and custom plugins to reduce manual work and scale security across humans and robots alike. The result was a more consistent, lower-friction security model that improved trust, protected data, and helped Cruise scale secure operations across its autonomous-vehicle platform.

Cruise

Brian Nuszkowski

Security Engineer