diff --git a/content/docs/esc/vs/_index.md b/content/docs/esc/vs/_index.md
new file mode 100644
index 000000000000..bc2220c61cf9
--- /dev/null
+++ b/content/docs/esc/vs/_index.md
@@ -0,0 +1,21 @@
+---
+title_tag: "Pulumi ESC Compared to Alternatives"
+meta_desc: Learn how Pulumi ESC compares with alternative Environments, Secrets, and Configurations solutions.
+title: Compare to...
+h1: Compare Pulumi ESC to other solutions
+meta_image: /images/docs/meta-images/docs-meta.png
+menu:
+    pulumiesc:
+        weight: 7
+        identifier: esc-vs
+aliases:
+---
+
+Pulumi ESC is centralized environments, secrets, and configuration manager for cloud applications and infrastructure. It provides the ability to create environments which are collections of secrets and configuration that can be versioned, branched, and composed inside other collections. ESC supports pulling and centralizing the management of secrets from 1Password, AWS OIDC, AWS Secrets Manager, Azure OIDC, Azure Key Vault, Google Cloud OIDC, Google Cloud Secrets Manager, Pulumi stacks, Vault OIDC, and Vault.
+
+There are many tools that overlap with Pulumi ESC's capabilities. Many
+of these are complementary and can be used together, whereas some are "either or" decisions.
+
+Here are several useful comparisons that will help you understand Pulumi's place in the cloud tooling ecosystem:
+
+* [Infisical](/docs/esc/vs/infisical/)
diff --git a/content/docs/esc/vs/infisical.md b/content/docs/esc/vs/infisical.md
new file mode 100644
index 000000000000..282c452812a5
--- /dev/null
+++ b/content/docs/esc/vs/infisical.md
@@ -0,0 +1,173 @@
+---
+title_tag: "Pulumi ESC vs Infisical"
+meta_desc: Learn about the major differences between Pulumi ESC and Infisical.
+title: Pulumi ESC vs Infisical
+h1: Pulumi ESC vs Infisical
+meta_image: /images/docs/meta-images/docs-meta.png
+menu:
+    pulumiesc:
+        identifier: infisical
+        parent: esc-vs
+        weight: 2
+aliases:
+---
+
+<style>
+    main table {
+        font-size: 0.94em;
+    }
+
+    main table th,
+    main table td {
+        width: 33.3%;
+    }
+</style>
+
+Choosing the right [secrets management](/what-is/what-is-secrets-management/) tool is important, and we want you to have as much information as possible to make the choice that best suits your needs. We’ve created this document to help you understand how Pulumi ESC compares with Infisical.
+
+## What is Infisical?
+
+Infisical is a secrets management tool that provides a centralized platform for managing and controlling access to secrets. It supports dynamic secret generation, encryption as a service, and comprehensive access policies.
+
+## Pulumi ESC vs. Infisical: Similarities {#similarities}
+
+Like Infisical, Pulumi ESC is a secrets manager for cloud applications and infrastructure. In both ESC and Infisical, secrets can be stored and accessed through a CLI, SDK, or Web editor interface. Granular access controls can be implemented across all secrets.
+
+## Pulumi ESC vs. Infisical: Key Differences {#differences}
+
+There are a couple of fundamental differences between Infisical and Pulumi ESC. First, ESC and Infisical differ in that Infisical can only add and manage secrets stored in Infisical. ESC adopts an open ecosystem approach, allowing you to pull secrets stored in most secrets and password managers during runtime and use them anywhere. This allows teams to use the best secrets management solution according their purposes and needs. Second, Infisical lacks the composability and hierarchical nature of ESC, which increases getting started speed and duplication of secrets. Third, ESC takes a software engineering approach to versioning with ability to add tags and import specific collections of secrets and configuration via those tags, similar to Docker. Fourth, ESC takes a more secure limited privilege path to provisioning dynamic short-term credentials as compared to Infisical.
+
+Here's a detailed comparison of the two:
+
+<table>
+    <tr>
+        <th>Feature</th>
+        <th>Pulumi ESC</th>
+        <th>Infisical</th>
+    </tr>
+    <tr>
+        <th colspan=3>Architecture</th>
+    </tr>
+    <tr>
+        <td>OSS License</td>
+        <td>Yes, Apache License 2.0</td>
+        <td>Yes, MIT expat license</td>
+    </tr>
+     <tr>
+        <td>Document Store</td>
+        <td>Yes</td>
+        <td>No</td>
+    </tr>
+    <tr>
+        <td>Key-value Store</td>
+        <td>Yes</td>
+        <td>Yes</td>
+    </tr>
+    <tr>
+        <td>Open Ecosystem</td>
+        <td>Yes, supports pulling and using secrets from multiple sources including HashiCorp Vault, 1Password, AWS Secrets Manager, etc.</td>
+        <td>No, can only store and manage secrets stored in Infisical</td>
+    </tr>
+    <tr>
+        <th colspan=3>Developer Experience</th>
+    </tr>
+    <tr>
+        <td>Editing and Authoring</td>
+        <td>Yes, supports both GUI and powerful Document Editor with autocomplete, docs hover, and error checking</td>
+        <td>Limited, has GUI editor without YAML support</td>
+    </tr>
+    <tr>
+        <td>CLI</td>
+        <td>Yes, available as <code>esc</code> CLI or <code>pulumi</code> CLI</td>
+        <td>Yes</td>
+    </tr>
+    <tr>
+        <td>Client SDKs</td>
+        <td>Yes</td>
+        <td>Yes</td>
+    </tr>
+      <tr>
+        <td>Declarative Provider</td>
+        <td>Yes, support via the Pulumi Service Provider, which allows management (create, update, delete) of collections of secrets and configuration as a resource through infrastructure as code.</td>
+        <td>No</td>
+    </tr>
+    <tr>
+        <td>Composability</td>
+        <td>Yes, simple set up of hierarchical environments that inherit values from imported environments</td>
+        <td>No, can only reference singular secrets from other environments and references have to be duplicated in multiple environments</td>
+    </tr>
+    <tr>
+        <td>Versioning</td>
+        <td>Yes, entire environments can be versioned and tagged and imported based on the specific version tags or revision numbers</td>
+        <td>Limited</td>
+    </tr>
+    <tr>
+        <td>Immutable History & Point in Time Recovery</td>
+        <td>Yes</td>
+        <td>Yes</td>
+    </tr>
+    <tr>
+        <td>Values Can Be of Type Secret and Plaintext</td>
+        <td>Yes</td>
+        <td>No, values can only be secrets</td>
+    </tr>
+    <tr>
+        <td>Interpolate Values from Other Values</td>
+        <td>Yes, new dynamic values can be constructed through string interpolation</td>
+        <td>No</td>
+    </tr>
+    <tr>
+        <td>Branching / Personal configs</td>
+        <td>Yes, environments can be forked for testing without rewriting entire environments and overriding specific values</td>
+        <td>Limited, requires careful copying since secrets need to be downloaded in plaintext locally and then uploaded</td>
+    </tr>
+    <tr>
+        <td>Compare Secrets across Environments</td>
+        <td>No</td>
+        <td>Yes</td>
+    </tr>
+    <tr>
+        <td>In-built Functions</td>
+        <td>Yes, support for functions like <code>toJSON, fromJSON, fromBase64, toString</code> allows data manipulation for any scenario</td>
+        <td>No</td>
+    </tr>
+    <tr>
+        <th colspan=3>Security and Compliance</th>
+    </tr>
+    <tr>
+        <td>Audit Logs</td>
+        <td>Yes</td>
+        <td>Yes</td>
+    </tr>
+    <tr>
+        <td>Encrypted Secrets Storage</td>
+        <td>Yes, TLS is used for encryption in transit and unique encryption keys per environment are employed for encryption at rest</td>
+        <td>Yes</td>
+    </tr>
+    <tr>
+        <td>Access Controls</td>
+        <td>Yes</td>
+        <td>Yes</td>
+    </tr>
+    <tr>
+        <td>Secure Dynamic Cloud Provider Credentials</td>
+        <td>Yes, uses OIDC flows to generate dynamic credentials. Available for AWS, Azure, and Google Cloud.</td>
+        <td>No, less secure as it requires access keys for highly privileged root accounts</td>
+    </tr>
+    <tr>
+        <td>OIDC Trust</td>
+        <td>Yes, trust relationships are established with third-party OIDC providers</td>
+        <td>No</td>
+    </tr>
+    <tr>
+        <td>Secure Environment Variables</td>
+        <td>Yes, the <code>esc run</code> CLI command can be used to specify which secrets are available as environment variables</td>
+        <td>No, all values are available as environment variables</td>
+    </tr>
+        <td>Plaintext Read Only Mode</td>
+        <td>Yes, ESC offers a <code>read</code> mode that allows reading only plaintext values while not being able to decrypt secrets or  access dynamic credentials</td>
+        <td>No</td>
+    </tr>
+</table>
+
+{{< get-started-esc >}}
diff --git a/layouts/shortcodes/get-started-esc.html b/layouts/shortcodes/get-started-esc.html
new file mode 100644
index 000000000000..f86fec3bf9f4
--- /dev/null
+++ b/layouts/shortcodes/get-started-esc.html
@@ -0,0 +1,33 @@
+<section id="get-started" class="py-16 px-4">
+    <div class="container mx-auto max-w-5xl md:flex my-8 align-top justify-center text-center">
+        <div class="md:w3-/12 mr-4">
+            <h2>Get Started with Pulumi</h2>
+            <p>{{ "Use Pulumi ESC to easily centralize and manage environments, secrets, and configurations. Follow our [Get Started guide](/docs/esc/get-started/) for ESC to begin. If you want to use Vault or any other secrets manager with ESC, follow the below guides to import secrets from existing secrets managers into ESC environments." | markdownify }}</p>
+        </div>
+    </div>
+
+    <div class="mx-auto max-w-4xl">
+        <div class="tiles flex-wrap mt-4">
+            <div class="pb-4 md:pr-4 md:w-1/2">
+                <a class="tile p-8" href="/docs/pulumi-cloud/esc/providers/aws-secrets/">
+                    <img class="h-10 mx-auto" src="/logos/tech/aws.svg" alt="AWS" />
+                </a>
+            </div>
+            <div class="pb-4 md:w-1/2">
+                <a class="tile p-8" href="/docs/pulumi-cloud/esc/providers/azure-secrets/">
+                    <img class="h-10 mx-auto" src="/logos/tech/azure.svg" alt="Azure" />
+                </a>
+            </div>
+            <div class="pb-4 md:pr-4 md:w-1/2">
+                <a class="tile p-8" href="/docs/pulumi-cloud/esc/providers/gcp-secrets/">
+                    <img class="h-10 mx-auto" src="/logos/tech/gcp.svg" alt="Google Cloud" />
+                </a>
+            </div>
+            <div class="pb-4 md:w-1/2">
+                <a class="tile p-8" href="/docs/pulumi-cloud/esc/providers/vault-secrets/">
+                    <img class="h-10 mx-auto" src="/logos/tech/vault-2.png" alt="Vault" />
+                </a>
+            </div>
+        </div>
+    </div>
+</section>
\ No newline at end of file
diff --git a/static/logos/tech/vault-2.png b/static/logos/tech/vault-2.png
new file mode 100644
index 000000000000..e8eaa97686a4
Binary files /dev/null and b/static/logos/tech/vault-2.png differ

Feature	Pulumi ESC	Infisical
Architecture
OSS License	Yes, Apache License 2.0	Yes, MIT expat license
Document Store	Yes	No
Key-value Store	Yes	Yes
Open Ecosystem	Yes, supports pulling and using secrets from multiple sources including HashiCorp Vault, 1Password, AWS Secrets Manager, etc.	No, can only store and manage secrets stored in Infisical
Developer Experience
Editing and Authoring	Yes, supports both GUI and powerful Document Editor with autocomplete, docs hover, and error checking	Limited, has GUI editor without YAML support
CLI	Yes, available as `esc` CLI or `pulumi` CLI	Yes
Client SDKs	Yes	Yes
Declarative Provider	Yes, support via the Pulumi Service Provider, which allows management (create, update, delete) of collections of secrets and configuration as a resource through infrastructure as code.	No
Composability	Yes, simple set up of hierarchical environments that inherit values from imported environments	No, can only reference singular secrets from other environments and references have to be duplicated in multiple environments
Versioning	Yes, entire environments can be versioned and tagged and imported based on the specific version tags or revision numbers	Limited
Immutable History & Point in Time Recovery	Yes	Yes
Values Can Be of Type Secret and Plaintext	Yes	No, values can only be secrets
Interpolate Values from Other Values	Yes, new dynamic values can be constructed through string interpolation	No
Branching / Personal configs	Yes, environments can be forked for testing without rewriting entire environments and overriding specific values	Limited, requires careful copying since secrets need to be downloaded in plaintext locally and then uploaded
Compare Secrets across Environments	No	Yes
In-built Functions	Yes, support for functions like `toJSON, fromJSON, fromBase64, toString` allows data manipulation for any scenario	No
Security and Compliance
Audit Logs	Yes	Yes
Encrypted Secrets Storage	Yes, TLS is used for encryption in transit and unique encryption keys per environment are employed for encryption at rest	Yes
Access Controls	Yes	Yes
Secure Dynamic Cloud Provider Credentials	Yes, uses OIDC flows to generate dynamic credentials. Available for AWS, Azure, and Google Cloud.	No, less secure as it requires access keys for highly privileged root accounts
OIDC Trust	Yes, trust relationships are established with third-party OIDC providers	No
Secure Environment Variables	Yes, the `esc run` CLI command can be used to specify which secrets are available as environment variables	No, all values are available as environment variables
Plaintext Read Only Mode	Yes, ESC offers a `read` mode that allows reading only plaintext values while not being able to decrypt secrets or access dynamic credentials	No