Alternatives to AWS Secrets Manager
Compare AWS Secrets Manager alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to AWS Secrets Manager in 2026. Compare features, ratings, user reviews, pricing, and more from AWS Secrets Manager competitors and alternatives in order to make an informed decision for your business.
-
1
Keeper Security
Keeper Security
Keeper Security is transforming the way people and organizations around the world secure their passwords and passkeys, secrets and confidential information. Keeper’s easy-to-use cybersecurity platform is built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Keeper’s solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by millions of individuals and thousands of organizations globally, Keeper is the leader for best-in-class password and passkey management, secrets management, privileged access, secure remote access and encrypted messaging. Protect what matters at KeeperSecurity.com. -
2
Securden Password Vault for Enterprises
Securden, Inc
Securden Password Vault for Enterprises is a scalable, enterprise-grade credential management solution available in both cloud (SaaS) and on-premise deployments. It centralizes the storage of passwords, SSH keys, DevOps secrets, files, and other sensitive data in an AES-256 encrypted vault, helping organizations enforce strong security controls and defend against insider and external threats. The solution enables secure credential storage, granular access controls, automated password rotation, and just-in-time access while providing full visibility through audit logs, session recordings, and real-time alerts. IT teams can launch secure remote connections such as RDP, SSH, and SQL directly from the vault without exposing credentials. Trusted by enterprises worldwide, Securden helps organizations strengthen security posture, streamline credential governance, improve operational efficiency, and meet compliance requirements across industries. -
3
GitGuardian
GitGuardian
GitGuardian is an end-to-end NHI security platform that empowers software-driven organizations to enhance their Non-Human Identity (NHI) security and comply with industry standards. With attackers increasingly targeting NHIs, such as service accounts and applications, GitGuardian integrates Secrets Security and NHI Governance. This dual approach enables the detection of compromised secrets across your dev environments while also managing non human identities and their secrets lifecycle. The platform supports over 450+ types of secrets, offers public monitoring for leaked data, and deploys honeytokens for added defense. Trusted by over 600,000 developers, GitGuardian is the choice of leading organizations like Snowflake, ING, BASF and Bouygues Telecom for robust secrets protection.Starting Price: $0 -
4
SharePass
SharePass
SharePass is a SaaS Secret Management platform that allows sharing and managing secrets and confidential information using a web application, extension, or mobile app. SharePass works with encrypted links transmitted from the sender to the receiver with various settings and flags. The settings include expiry restriction, availability, IP restrictions and an entire filtering funnel (patent pending). SharePass is platform-independent that can be used with your existing communication tools. When it comes to your privacy, SharePass or any of its employees cannot see the content of your secrets; the secrets can be seen only by the exchanging parties. SharePass meets the latest cybersecurity compliance and regulations. In the era of identity theft, SharePass will protect you and prevent your data from leaking to the dark web by eliminating your digital footprint. SharePass supports SSO with Office365, Google Workspace, MFA, and integration with Yubikeys for maximum security.Starting Price: Free -
5
Doppler
Doppler
Stop struggling with scattered API keys, hacking together home-brewed configuration tools, and avoiding access controls. Give your team a single source of truth with Doppler. The best developers automate the pain away. Create references to frequently used secrets in Doppler. Then when they need to change, you only need to update them once. Your team's single source of truth. Organize your variables across projects and environments. The scary days of sharing secrets over Slack, email, git, zip files, are over. After adding a secret, your team and their apps have it instantly. Like git, the Doppler CLI smartly knows which secrets to fetch based on the project directory you are in. Gone are the futile days of trying to keep ENV files in sync! Practice least privilege with granular access controls. Reduce exposure when deploying with read-only service tokens. Contractor needs access to just development? Easy!Starting Price: $6 per seat per month -
6
Cycode
Cycode
A platform for security, governance, and pipeline integrity for all your development tools & infrastructure. Harden your source control management systems (SCM), find secrets, leaks and prevent code tampering. Scan your CI/CD settings and Infrastructure-as-Code (IaC) for security misconfiguration. Identify drift between production systems IaC configurations and prevent source code tampering. Stop developers from inadvertently exposing proprietary code in public repositories, fingerprint code assets and proactively identify exposure on public sites. Inventory assets, enforce security policies, and easily demonstrate compliance across all your DevOps tools and infrastructure, both in the cloud and on-premises. Scan IaC for security misconfigurations and ensure compliance between defined IaC configurations and production infrastructure. Scan every commit or pull/merge request for hard-coded secrets and prevent them from reaching the master branch across all SCMs and programming languages. -
7
AWS Systems Manager
Amazon
AWS Systems Manager is a comprehensive solution that enables centralized visualization, management, and operation of nodes at scale across AWS, on-premises, and multi-cloud environments. It provides a unified console experience, consolidating various tools to facilitate common node tasks across AWS accounts and regions. With Systems Manager, you can automate routine operational tasks, reducing the time and effort required for system maintenance. It offers secure remote management of nodes without the need for bastion hosts, SSH, or remote PowerShell, simplifying operations and enhancing security. The platform also supports automated patching of operating systems and software, ensuring that your infrastructure remains up-to-date and compliant. Additionally, Systems Manager provides real-time insights into your node infrastructure, allowing for quick identification and resolution of issues. Its integration capabilities extend across hybrid and multi-cloud environments. -
8
Knox
Pinterest
Knox is a secret management service. Knox is a service for storing and rotation of secrets, keys, and passwords used by other services. Pinterest has a plethora of keys or secrets doing things like signing cookies, encrypting data, protecting our network via TLS, accessing our AWS machines, communicating with our third parties, and many more. If these keys become compromised, rotating (or changing our keys) used to be a difficult process generally involving a deploy and likely a code change. Keys/secrets within Pinterest were stored in git repositories. This means they were copied all over our company's infrastructure and present on many of our employees laptops. There was no way to audit who accessed or who has access to the keys. Knox was built to solve these problems. Ease of use for developers to access/use confidential secrets, keys, and credentials. Confidentiality for secrets, keys, and credentials. Provide mechanisms for key rotation in case of compromise. -
9
Keywhiz
Keywhiz
Keywhiz is a system for managing and distributing secrets. It can fit well with a service oriented architecture (SOA). Here is an overview in presentation format. Common practices include putting secrets in config files next to code or copying files to servers out-of-band. The former is likely to be leaked and the latter difficult to track. Keywhiz makes managing secrets easier and more secure. Keywhiz servers in a cluster centrally store secrets encrypted in a database. Clients use mutually authenticated TLS (mTLS) to retrieve secrets they have access to. Authenticated users administer Keywhiz via CLI. To enable workflows, Keywhiz has automation APIs over mTLS. Every organization has services or systems that require secrets. Secrets like TLS certificates/keys, GPG keys, API tokens, database credentials. Keywhiz is reliable and used in production, however occasional changes may break API backward compatibility. -
10
Confidant
Confidant
Confidant is a open source secret management service that provides user-friendly storage and access to secrets in a secure way, from the developers at Lyft. Confidant solves the authentication chicken and egg problem by using AWS KMS and IAM to allow IAM roles to generate secure authentication tokens that can be verified by Confidant. Confidant also manages KMS grants for your IAM roles, which allows the IAM roles to generate tokens that can be used for service-to-service authentication, or to pass encrypted messages between services. Confidant stores secrets in an append-only way in DynamoDB, generating a unique KMS data key for every revision of every secret, using Fernet symmetric authenticated cryptography. Confidant provides an AngularJS web interface that allows end-users to easily manage secrets, the mappings of secrets to services and the history of changes. -
11
CyberArk Conjur
CyberArk
A seamless open source interface to securely authenticate, control and audit non-human access across tools, applications, containers and cloud environments via robust secrets management. Secrets grant access to applications, tools, critical infrastructure and other sensitive data. Conjur secures this access by tightly controlling secrets with granular Role-Based Access Control (RBAC). When an application requests access to a resource, Conjur authenticates the application, performs an authorization check against the security policy and then securely distributes the secret. Security policy as code is the foundation of Conjur. Security rules are written in .yml files, checked into source control, and loaded onto the Conjur server. Security policy is treated like any other source control asset, adding transparency and collaboration to the organization’s security requirements. -
12
Entro
Entro Security
Non-Human Identity & Secrets Security Platform. A pioneer in non-human identity management, Entro enables organizations to securely utilize non-human identities and secrets, overseeing their usage and automating their lifecycle from inception to rotation. Secrets-based cyber attacks are devastating and growing as more and more secrets are created by R&D teams and spread across various vaults and repositories with no real secret management, monitoring, or security oversight. Streamline and secure your non-human identity lifecycle management. With Entro, security teams can now oversee and protect Non-human identities with automated lifecycle management and seamless integration, ensuring comprehensive security & compliance through a unified interface. -
13
Yandex Lockbox
Yandex
Create secrets in the management console or using the API. Your secrets are safely stored in one place, easily integrated with your cloud services, and accessible via external systems over the gRPC or REST API. Encrypt your secrets using Yandex Key Management Service keys. Secrets are only stored in encrypted form. You can choose pre-configured service roles to ensure granular access to your secrets. Set up access permissions to read or manage your secret or its metadata. Create a secret, select a Key Management Service (KMS) key, and securely store your login-password pairs and other sensitive information. A secret may contain any of your confidential information, e.g. a login-password pair, server certificate keys, or cloud service account keys. Each secret stored by the service can have multiple versions of stored data. The service stores this data securely in encrypted form. All secrets are replicated in three availability zones.Starting Price: $0.0277 per 10000 operations -
14
Use keys to protect the secrets, personal data, and sensitive information you store in the cloud. Create and delete keys, set up access policies, and perform rotation via the management console, CLI, or API. Yandex KMS implements symmetric and asymmetric cryptography. Use the REST or RPC API to encrypt and decrypt small amounts of data, such as secrets and local encryption keys, as well as to sign data using e-signature schemes. You manage access to encrypted data, and Yandex KMS ensures the reliability and physical security of keys. Hardware Security Modules (HSMs) are available. Encrypt small amounts of data using the SDK in Java or Go. To encrypt larger amounts of data, the service is integrated with popular encryption libraries, including the AWS Encryption SDK and Google Tink. Integration with Yandex Lockbox makes it possible to encrypt secrets with your own keys. Secrets and data can also be protected using encryption keys in Managed Service for Kubernetes.Starting Price: $0.0230 per month
-
15
Infisical
Infisical
Compare secrets across environments and see what's different or missing. Set personal values for secrets – either during local development or for sensitive secrets. Easily inherit other secrets to establish a single source of truth. Automatically identify and prevent secret leaks to git using Infisical's continuous monitoring and pre-commit checks – support over 140 secret types.Starting Price: $6 per month -
16
SecretHub
SecretHub
Upgrade security throughout the stack with a unified secrets management platform that every engineer can use – from admin to intern. Putting passwords and API keys in source code creates a security risk. But handling them properly creates complexity that makes it extremely cumbersome to deploy. Git, Slack, and email are designed to share information, not to keep secrets. Copy-pasting values and waiting on that one admin who holds all the keys simply don't scale when you're deploying software multiple times a week. It's impossible to track who accessed what secrets at what time, making compliance audits a nightmare. Eliminate secrets in source code by replacing plaintext values with a reference to the secret. SecretHub then automatically loads secrets into your app the moment it starts. Use the CLI to encrypt and store secrets and then simply tell the code where to look for the secret. Your code is now free of secrets and can be shared with everyone on your team.Starting Price: $99 per month -
17
Segura
Segura
Segura® (formerly senhasegura) is a cybersecurity company focused on Privileged Access Management (PAM). Its platform helps organizations secure and manage privileged identities, credentials, and secrets across hybrid and cloud environments. Segura supports use cases such as credential vaulting, session monitoring, privilege elevation, and secrets management for DevOps. Designed to simplify complex identity security challenges, Segura provides IT teams with visibility, control, and tools to reduce risk and support compliance. The company operates globally through a network of partners and serves customers across key sectors, including finance, healthcare, government, telecom, and critical infrastructure. -
18
Onboardbase
Onboardbase
Onboardbase is the a secret management infrastructure platform that provides single source of shared truth for app secrets and usage. It helps dev teams securely share and work with environment-specific configs at every development stage, synced across infrastructure without compromising security - this means development teams can focus on building great apps rather than managing secrets and data. Secrets are dynamically kept up to date across your environments and infrastructure, with 50+ integrations and growing. Dev teams can monitor and audit how long, where and when your secrets are used and revoke usage anywhere with a click. Powerful always-on codebase scanning features prevent developers from accidentally leaking secrets to production, maintaining a robust security model.Starting Price: Free -
19
PrivX
SSH Communications Security
PrivX is a scalable, cost-efficient, and highly automated privileged access management (PAM) solution for hybrid and multi-cloud environments, quantum-safe connections and any combination of password vaulting, rotation, and passwordless authentication. PrivX makes PAM easy, productive, and secure while decreasing complexity and costs. PrivX reduces the risk of passwords, keys, and other leave-behind credentials by eliminating them right after access authentication. Instead, it uses short-lived, ephemeral certificates. Your privileged users and superusers get just-in-time, role-based Zero Trust access without the need to handle, vault, manage or rotate any secrets. PrivX also supports hybrid environments with a secrets vault and password rotation when necessary. It even allows you to make quantum-safe SSH connections. -
20
Hemmelig.app
Hemmelig.app
Hemmelig lets you share secrets securely with encrypted messages that automatically self-destruct after being read. Paste a password, confidential message, or private data. Ensure your sensitive data remains encrypted, secure, and confidential. The secret link, by default, is a one-time use only, after which it will vanish. Hemmelig, [he`m:(ə)li], means secret in Norwegian.Starting Price: Free -
21
HashiCorp Vault
HashiCorp
Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API. Secure applications and systems with machine identity and automate credential issuance, rotation, and more. Enable attestation of application and workload identity, using Vault as the trusted authority. Many organizations have credentials hard coded in source code, littered throughout configuration files and configuration management tools, and stored in plaintext in version control, wikis, and shared volumes. Safeguarding and ensuring that a credentials isn’t leaked, or in the likelihood it is, that the organization can quickly revoke access and remediate, is a complex problem to solve. -
22
Corsha
Corsha
APIs power all of your applications and services. Secrets are shared. They are rarely rotated, sometimes never at all. API keys and tokens, even PKI, are getting leaked at an alarming rate. You need clear visibility into and simple control over the machines that are accessing your APIs. Organizations lack visibility into the machines that are leveraging API secrets, and as automation shifts risk from human to machine, the identities of these machines and the secrets they use is more important than ever. Corsha stops API attacks that use stolen or compromised API credentials and helps enterprises protect data and applications that leverage machine to machine (or service to service) API communication. -
23
Password.link
Password.link
The link can only be opened once. This ensures nobody has opened it before the recipient and nobody can open it again afterward. The encrypted secret is deleted from our database when it has been viewed. There's no way to view it again. Sending secrets in plain text exposes them to threats even after the message has been long forgotten. Using a one-time link ensures that there are no valid credentials lying around in email inboxes or archived instant messages. Half of the encryption key is stored in the link itself and never seen by us or anyone else. Viewing the secret is not possible without the original link. Using our service you can create a one-time link to the credentials and be sure nobody sees them before the recipient. You can also configure notifications to be sent via different channels so you know when the credentials have been viewed, and by who.Starting Price: €8.99 per month -
24
SlashID
SlashID
Identity is the most common vector for lateral movement and data breaches. SlashID helps you build a secure, compliant, and scalable identity infrastructure. Manage the creation, rotation and deletion of identities and secrets in a single place. Complete inventory of all your identities and secrets, multi-cloud. Detect initial access, privilege escalation, and lateral movement across your IdPs and cloud environments. Add authentication, authorization, conditional access, and tokenization to your services. Detect leaked key materials in real-time and prevent data breaches by rotating them. Automatically block, suspend, rotate or enforce MFA on a detection to reduce the impact of an attack. Add MFA and conditional access to your applications. Add authentication, authorization, credential tokenization, and conditional access to your APIs and workloads. -
25
Bravura Safe
Bravura Security
Bravura Safe is a zero-knowledge secret and passwords manager that centrally, consistently, and securely manages decentralized passwords, and secrets so your employees don't have to. It complements core password management solutions that organizations already use. Bravura Safe leverages two decades of Bravura Security’s enterprise cybersecurity solutions. Employees can securely send time-bound passwords for new accounts, encryption keys for files, or entire files without them being leaked or intercepted, and with only one password to their Bravura Safe to remember. The recent rising threat of organizational insiders being paid to help in cyberattacks combined with notoriously bad secret and password hygiene at an individual level is a cause for cybersecurity leaders to be concerned. While IT teams have focused on implementing strong SSO, password management, identity and even privileged access management solutions, the work-from-home world has caused shadow IT to explode. -
26
TruffleHog
Truffle Security
TruffleHog runs behind the scenes to scan your environment for secrets like private keys and credentials, so you can protect your data before a breach occurs. Secrets can be found anywhere, so TruffleHog scans more than just code repositories, including SaaS and internally hosted software. With support for custom integrations and new integrations added all the time, you can secure your secrets across your entire environment. TruffleHog is developed by a team entirely comprised of career security experts. Security is our passion and primary concern, and all features are developed with best practices in mind. TruffleHog enables you to track and manage secrets within our intuitive management interface, including links to exactly where secrets have been found. Authenticate with secure OAuth workflows for users and never worry about username and password breaches. -
27
Britive
Britive
Permanent elevated privileges leave you open to increased data loss & account damage due to insider threats & hackers 24/7. Temporarily granting & expiring Just In Time Privileges with Britive instead minimizes the potential blast radius of your privileged human and machine identities. Maintain zero standing privileges (ZSP) across your cloud services, without the hassle of building a DIY cloud PAM solution. Hardcoded API keys and credentials, typically with elevated privileges, are sitting targets for exploits, and there are 20x more machine IDs using them than there are human users. Granting & revoking Just-in-Time (JIT) secrets with Britive can significantly reduce your credential exposure. Eliminate static secrets & maintain zero standing privileges (ZSP) for machine IDs. Most cloud accounts become over-privileged over time. Contractors & employees often maintain access after they leave. -
28
WALLIX Bastion
WALLIX
Easy to use and deploy, the WALLIX Bastion PAM solution delivers robust security and oversight over privileged access to critical IT infrastructure. Reduce the attack surface, secure remote access, and meet regulatory compliance requirements with simplified Privileged Access Management. WALLIX Bastion delivers leading session management, secrets management, and access management features to secure IT and OT environments, enable Zero Trust and Just-In-Time policies, and to protect internal and external access to sensitive data, servers, and networks in industries ranging from healthcare to finance to industry and manufacturing. Adapt to the digital transformation with secure DevOps thanks to AAPM (Application-to-Application Password Management). WALLIX Bastion is available both on-premise and in cloud environments for complete flexibility, scalability, and the lowest market total cost of ownership. WALLIX Bastion PAM natively integrates with a full suite of security solutions -
29
keyhold.io
keyhold.io
Your clients send credentials via Slack. Your contractors have passwords in email threads. Chaos. keyhold.io is a zero-knowledge secret custody platform for teams who manage credentials that aren't theirs. Send secure request links, collect credentials encrypted before they reach our servers, and get full audit trails of every access. Built for MSPs, agencies, and anyone tired of sensitive access scattered across chat threads.Starting Price: £50/month -
30
InPrivy
InPrivy
Easily share sensitive information with co-workers, clients, friends, and family. Use InPrivy to share passwords and other sensitive information in a secure way. Prevent your confidential data to remain fully visible in email conversations or chats. Sharing private notes, passwords, API keys, credit card information or any other kind of sensitive data should be done in a safe way. When sending them via email or messengers, your data remains visible and accessible for a long time. Start sharing the secure way, and use InPrivy. No ads, no excessive user tracking, and made in Germany. We ensure robust protection of your sensitive information. Use anywhere on the web, without installing any apps. You are the only one who knows the link to the secret information you created. Give it to the person who should see it. The links are encrypted with SSL and can only be used once by default. The secret information is also kept safe using strong AES-256 encryption.Starting Price: €30 per year -
31
Evo Security
Evo Security
Eliminate credential sharing, establish powerful administrative permissions, mass deploy login security for your customers, and meet insurance and compliance requirements with Evo Security. EPIC is the next evolutionary step for MSPs, MSSPs, NOCs, and SOCs seeking to reduce credential sharing risk and secure logins for endpoints, network devices, and web applications all-in-one. The big secret about managed services is that MSP administrators are forced to share customer passwords and MFA codes internally. Password Managers and other Password Rotation tools offer sharing convenience with some iterative improvements, however ultimately propagate the same problem. With cybercriminals targeting MSPs more than ever, and regulation mandates demanding a better way, this involuntary poor practice has run its course. Easily accommodate managed or co-managed Customer scenarios when technicians and administrators need access to the Evo platform using the Evo Privileged Access Manager. -
32
gitleaks
gitleaks
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets like passwords, api keys, and tokens in git repos. Gitleaks is an easy-to-use, all-in-one solution for detecting secrets, past or present, in your code. Gitleaks can be installed using Homebrew, Docker, or Go. Gitleaks is also available in binary form for many popular platforms and OS types on the releases page. In addition, Gitleaks can be implemented as a pre-commit hook directly in your repo. -
33
Pulumi
Pulumi
Modern Infrastructure as Code. Create, deploy, and manage infrastructure on any cloud using familiar programming languages and tools. Many clouds, one workflow. Use the same language, tools, and workflow, on any cloud. Collaborate. Harmonize your engineering practices between developers and operators. Easy continuous delivery. Deploy from the CLI, or integrate with your favorite CI/CD system, and review all changes before they are made. Tame complexity. Gain visibility across all of your environments. Audit and secure. Know who changed what, when, and why. Enforce deployment policies with your identity provider of choice. Secrets management. Keep secrets safe with easy, built-in encrypted configuration. Familiar programming languages. Define infrastructure in JavaScript, TypeScript, Python, Go, or any .NET language, including C#, F#, and VB. Your favorite tools. Use familiar IDEs, test frameworks, and tools. Share and reuse. Codify best practices and policies. -
34
Delinea DevOps Secret Vault
Delinea
Enable app-to-app communications and app-to-database access without hardcoding credentials. Secure access to tools for software and infrastructure deployment, testing, orchestration, and configuration. Centrally manage, control, and audit secrets for automated processes that operate without human oversight. Deploy rapidly with cloud-native SaaS architecture and elastic scalability that static, IP-based PAM solutions can’t provide. The standard definition of PAM isn’t sufficient for the growing risk of cyberattacks. We believe PAM must address the exploding number of identities and today’s IT complexities. -
35
WidsMob PhotoVault
WidsMob
Private Photo Vault allows you to import photos into the app and hide them behind a password folder. Each and every photo you hide with PhotoVault is automatically AES-256 encrypted upon hiding. WidsMob PhotoVault keeps your photos/images locked up and protected with password protection. You can hide your pictures safely and easily in PhotoVault with password protection. Put your secret photos into the PhotoVault and hide them there without anyone knowing. You can easily view all your secret pictures on PhotoVault easily without any limitation. You can use PhotoVault to view secret pictures smoothly like a professional photo viewer. Full-screen viewing mode of PhotoVault makes you have a better viewing experience. You can view private photos in slideshow mode by setting the play duration and more. Simple edit functions to let you easily zoom or rotate your private photos without extra tools.Starting Price: $19.99 per year -
36
Unified.to
Unified.to
Ship the integrations your customers and prospects need now and watch your revenue soar, without compromising your core product. Deliver secure, deep and powerful integrations for all kinds of use cases with advanced observability and security features. We never store your customers' data, plus, you can even securely store your customers' OAUTH2 access tokens in your AWS Secrets Manager account. Keep your customers' credentials secure with OAUTH2 authentication while giving your customers full control to revoke access tokens anytime. Take charge of branding and security by using your OAUTH2 client IDS and secrets, giving your application full autonomy over authorization pages and access tokens. Skip the headache of juggling different APIs and complex data transformations. Simplify your integration process with one API and one data model.Starting Price: $250 per month -
37
Secret Network
Secret Network
Secret Network is the first blockchain with data privacy by default, allowing you to build and use applications that are both permissionless and privacy-preserving. This unique functionality protects users, secures applications, and unlocks hundreds of never-before-possible use cases for Web3. Whether you’re a developer, an artist, an entrepreneur, or a dreamer, you can become a Secret Agent and contribute to Secret Network. Check out the many contributors, collaborators, applications, and backers that make up the Secret Network ecosystem. With blockchain technology, we have the potential to create a more empowering and inclusive internet, what is often referred to as Web3. But current blockchains are public by default, exposing all data to everyone and putting users at risk. In order to enable meaningful use cases and achieve global adoption, users and organizations need control over how their data is used and shared, a concept we call programmable privacy. -
38
GitHub Advanced Security for Azure DevOps is an application security testing service that is native to the developer workflow. It empowers Developer, Security, and Operations (DevSecOps) teams to prioritize innovation and enhance developer security without sacrificing productivity. Detect and prevent secret leaks from your application development processes with secret scanning. Take advantage of a partner program of more than 100 service providers and scanning for more than 200 token types. Adopt secret scanning quickly and easily without the need for additional tooling via the Azure DevOps UI. Protect your software supply chain by identifying any vulnerable open source components you may be using with dependency scanning. Get straightforward guidance on how to update component references so you can fix issues in minutes.Starting Price: $2 per GiB
-
39
Hey Wallet
Hey Wallet
We are permissionless, meaning that people can send crypto to any twitter account and when that account is ready to claim their funds, they can easily do so. You are given your private key (secret 12 words) during sign up which gives you 100% control over your wallet. Do not lose these 12 words because they are not recoverable. If you lose these secret 12 words, you will lose all your funds forever so please take it very seriously! (welcome to crypto). We may or may not release a token, but here's a secret: the timestamp & order for when you activate your account will have massive consequences. -
40
Password Scale
Talpor
Solve the team frustrations when managing passwords, get access to the shared password pool only by entering in a Slack group. Keep the team passwords encrypted and saved in a secure storage, mitigate the risk of compromising passwords stored in multiples and potentially insecure places. We document the encryption design, publishing the entire source code, making possible code reviews and check the implemented zero-knowledge protocol. To retrieve the link with the editor to create the secret, this link expires in 15 minutes. To make unreachable the secret, to complete deletion is necessary to do it manually from the s3 password storage. To setup the password storage, it is only necessary to execute it once. To retrieve a one-time-use link with the secret content, this link expires in 15 minutes. Go to our GitHub project for instructions on how to set up your own password server, also you can try the command on your Slack team using our test server. -
41
GitHub Advanced Security
GitHub
With AI-powered remediation, static analysis, secret scanning, and software composition analysis, GitHub Advanced Security helps developers and security teams work together to eliminate security debt and keep new vulnerabilities out of code. Code scanning with Copilot Autofix detects vulnerabilities, provides contextual explanations, and suggests fixes in the pull request and for historical alerts. Solve your backlog of application security debt. Security campaigns target and generate autofixes for up to 1,000 alerts at a time, rapidly reducing the risk of application vulnerabilities and zero-day attacks. Secret scanning with push protection guards over 200 token types and patterns from more than 150 service providers, even elusive secrets like passwords and PII. Powered by security experts and a global community of more than 100 million developers, GitHub Advanced Security provides the insights and automation you need to ship more secure software on schedule.Starting Price: $49 per month per user -
42
POWR
POWR
Forms, popups, countdown timers, sliders, media galleries, ecommerce, social media feeds/icons and much more. No coding necessary. The secret sauce for having an amazing eCommerce business isn’t so secret after all. Most business owners, consultants, and experts will tell you that the secret is the ability to generate leads, make sales, and support current customers so they keep coming back. While the “what” of success is direct and explicit, the “how” is as clear as mud. Furthermore, deciding what’s more important is a debate that has gone on for ages, and will probably, almost certainly continue for the foreseeable future.Starting Price: $0 -
43
ByteHide
ByteHide
ByteHide is an all-in-one, developer-first application security platform designed to protect code, secrets, data, and runtime environments, while minimizing your dependencies and risk. It integrates seamlessly with your development workflows and communication tools, delivering key security insights and alerts without disrupting productivity. Operating under a zero-knowledge model, ByteHide uses client-side encryption so only you hold the keys, and it never stores your source code. With minimal, typically read-only permissions, you remain fully in control of what repositories and data sources are analyzed. ByteHide’s core tools include Shield for next-generation code obfuscation and anti-tampering, Secrets for AI-powered secret detection and decentralized management, Monitor for real-time runtime threat detection, and Radar for unified SAST/SCA scanning. These tools run in secure, isolated environments and automatically mask sensitive personal data.Starting Price: €39.99 per month -
44
Entropy Keycrypt
Quantum Entropy
Protect your essential digital assets with Entropy, offering a seamless and secure transition to your trusted circle in unforeseen circumstances. User-Friendly Security Entropy enables you to securely partition important information into discrete shares, each of which reveals nothing about your secret without the others. Distribute these to a select group of trusted individuals, who can then store them offline for added security. Long-Term Resilience With its robust security features, including 256-bit encryption, Entropy is well-suited for durable, decentralized offline storage, safeguarding your data from both online and specific offline threats.Starting Price: $24.99 -
45
Cyqur
Binarii Labs
You control where your passwords and seed phrases are secured via the Cyqur browser extension. Cyqur encrypts, fragments, and distributes your data wherever you want for unprecedented security. Although, it’s always you who owns and controls your data. By adding the proof of record from the blockchain, the security process is complete. Encrypted pieces are stored across multiple cloud providers so data is incomplete and useless if hacked. Multi-cloud data sovereignty, automated seed word protection, blockchain-based proof of record, customizable MFA, a referral program for credits, and direct personal customer support. Store up to 50 text based secrets (e.g., notes, PINs, secret phrases, banking credentials, MFA backup codes). Secrets are uniquely fragmented, encrypted, and stored across three separate cloud locations for enhanced security. Enhanced log-on authentication with customizable MFA options.Starting Price: €15 one-time payment -
46
Akeyless Identity Security Platform
Akeyless
Akeyless delivers identity security for an era shaped by automation and AI. The cloud-native platform secures machines, AI agents, and human access across hybrid, multi-cloud, and on-prem environments. It provides a practical path to secretless, identity-based access through secrets management, certificate lifecycle management and PKI, PAM, and unified governance. Akeyless is built on a cryptography foundation that combines encryption, key management, and Distributed Fragments Cryptography to keep sensitive material under customer control and protected from post-quantum threats. With integrations for cloud IAM, Kubernetes, CI/CD, and MCP-based AI agent workflows, teams can adopt and scale AI agents securely without expanding risk. Akeyless Jarvis™ delivers identity intelligence to surface risky access and strengthen oversight. -
47
Patrol
Scrum Maister
Security scanner for Jira, Confluence, and everything you store in them! Finds misconfigurations, secret tokens, third-party app vulnerabilities.Starting Price: $0.75 per user per month -
48
NGRAVE
NGRAVE
Fully offline hardware wallet, your private keys are never exposed to any online device. Built in partnership with world leaders in nano-technology & hardware security. The most advanced wallet generation process in the world. NGRAVE provides a mobile app to directly sync all the generated accounts from the ZERO. That way, the user can easily consult his real-time balances or ask to receive a transaction. Communication between the ZERO and the app occurs through QR-codes. This way, the app never has access to the secret keys on the ZERO. Hence, the secret keys are never exposed to any online attack vector. Not even when signing transactions. Create a computationally unique, unbreakable, & unpredictable secret key with a strong True Random Number Generation (TRNG) process. NGRAVE takes into account & radically improves every single step of the user journey. The coldest wallet generation & management. -
49
Ledger Stax
Ledger
Powered by the Secure Element chip and Ledger’s proprietary OS, battle-tested for years by security experts. You'll be able to access, manage, and retrieve your crypto as long as your Secret Recovery Phrase is safe and accessible only to you. Simply get another Ledger Stax or any other Ledger and recover access to your accounts using the Secret Recovery phrase. Software wallets store private keys on systems or devices that are connected to the internet, making them susceptible to all kinds of attacks. Holding your crypto on an exchange means entrusting the private keys to a third party and not having any control over your funds. Ledger Stax stores your private keys offline on a Secure Element chip, and provides full isolation between the keys and your computer/smartphone to give you complete control over your assets. -
50
east-tec InvisibleSecrets
East-Tec
east-tec InvisibleSecrets is a powerful privacy suite that protects your files using a two-layered approach: military-grade encryption and steganography. While encryption secures your data, steganography goes further by hiding it inside harmless-looking files like images or web pages, so no one even knows it's there. The software also includes a secure password manager, an application locker to restrict access to programs, and a file shredder to permanently erase sensitive data. For easy and safe sharing, you can create self-decrypting packages that only require a password to open, even if the recipient doesn’t have the software. Additional tools like a virtual keyboard help defend against keyloggers, making InvisibleSecrets a well-rounded solution for protecting your digital life.Starting Price: $29.95 one-time payment
