How It Works
From Deployment to Protection in Minutes
VaultGuard360 deploys as an Azure Managed Application directly from Azure Marketplace. It runs entirely within your Azure tenant, using a managed identity to securely scan your Key Vaults.
Deploy from Azure Marketplace
~5 minutesSearch for "VaultGuard360" in Azure Marketplace, click "Create" and select your subscription, choose your tier, configure basic settings, and deploy.
Grant Permissions
~5 minutesVaultGuard360 uses a managed identity to access your Key Vaults. Grant "Key Vault Reader" permissions at the appropriate scope.
Configure Notifications
~10 minutesSet up your notification email address and team routing. Configure webhook URLs for additional integrations.
Set Alert Thresholds
~2 minutesChoose when to be notified (30, 14, 7 days before expiration). Professional/Enterprise can set custom thresholds.
You're Protected
OngoingVaultGuard360 scans daily and sends alerts automatically. View your dashboard or wait for email alerts.
Coverage
What Gets Scanned
| Item Type | What We Monitor |
|---|---|
| Secrets | Name, expiration date, enabled status |
| Certificates | Name, expiration date, enabled status |
| Keys | Name, expiration date, enabled status |
Important: VaultGuard360 never reads or stores actual secret values. Only metadata required for expiration tracking.
Security
Your Data Stays Yours
Runs in Your Tenant
VaultGuard360 runs entirely in your Azure subscription as a Managed Application.
Managed Identity
Uses Azure Managed Identity with no stored credentials. We never have access to your secrets.
Azure Resource Manager
Scans via Azure Resource Manager APIs, reading only metadata — never secret values.
No External Transmission
Alert metadata is sent via your own Microsoft 365 email. No external data transmission.
Ready to Deploy?
Get started in minutes with our Azure Marketplace deployment. Your first scan runs automatically.