Alternatives to Alibaba Cloud Bastionhost
Compare Alibaba Cloud Bastionhost alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Alibaba Cloud Bastionhost in 2026. Compare features, ratings, user reviews, pricing, and more from Alibaba Cloud Bastionhost competitors and alternatives in order to make an informed decision for your business.
-
1
Securden Unified PAM
Securden
Securden Unified PAM is a privileged access security solution that lets you discover, centrally store, organize, share, manage, and keep track of all privileged identities, passwords, keys, documents, and other identities. It helps you establish a centralized password management system, automate management with approval workflows, control ‘who’ can access ‘what’, monitor, and record all access to critical IT assets, and enforce password security best practices. The major modules of Securden Unified PAM are password management, privileged account management, secure remote access, application control, endpoint privilege management, privileged session management, and SSH key management. The platform supports compliance with NIS2, DORA, NIST, PCI-DSS, HIPAA, and ISO-IEC 27001. Installation typically takes only a few minutes, and a complete production-ready PAM can be achieved in less than a month with Securden Unified PAM. -
2
Authentication Cloud faster, easier, and more user-friendly. Let customers access your online services without passwords and costly SMS fees. With the Nevis Authentication Cloud, you can offer your customers maximum security and a smooth user experience in no time at all. Authentication as a service – faster, easier and more user-friendly. Enable customers to access your online services without passwords and costly SMS fees. With the Nevis Authentication Cloud you can offer your customers maximum security and a smooth user experience in no time at all. With the Authentication Cloud from Nevis, you can offer your customers maximum security and a smooth user experience in no time at all. Remembering a long, complex password for each individual account no longer fits into today’s fast, mobile world. New solutions with password-free authentication such as fingerprint or face ID are not only faster and more convenient but also significantly more secure for all parties involved.Starting Price: $500 per month
-
3
AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources. IAM is a feature of your AWS account offered at no additional charge. You will be charged only for use of other AWS services by your users. IAM enables your users to control access to AWS service APIs and to specific resources. IAM also enables you to add specific conditions such as time of day to control how a user can use AWS, their originating IP address, whether they are using SSL, or whether they have authenticated with a multi-factor authentication device. Protect your AWS environment by using AWS MFA, a security feature available at no extra cost that augments user name and password credentials. MFA requires users to prove physical possession of a hardware MFA token or MFA-enabled mobile device by providing a valid MFA code.
-
4
CPTRAX for Windows
Visual Click Software
Server File Activity Tracking - Audit who is creating, accessing, moving, and deleting your files and folders. Track file permission changes. Real-time alerts about critical file activities. Malicious activity containment (Ransomware, mass file deletes, etc.) Workstation File Activity Tracking - Audit who is copying files to USB or other removable drives. Track who is uploading files from a browser or via FTP. Block files from being created on USB/removable device. Email alerts when a removable device is connected. Active Directory Auditing - Keep audit logs and get real-time alerts of important Active Directory changes without dealing with SACLs or Windows Event Logs. Server Authentication Auditing - Track authentications into Windows Servers and Citrix sessions. Review all failed logon attempts. Workstation Logon/Logoff Tracking - Get visibility on workstation logons/logoffs, including locks, unlocks and password changes. Review all failed logon attempts. -
5
AWS Secrets Manager
Amazon
AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Users and applications retrieve secrets with a call to Secrets Manager APIs, eliminating the need to hardcode sensitive information in plain text. Secrets Manager offers secret rotation with built-in integration for Amazon RDS, Amazon Redshift, and Amazon DocumentDB. Also, the service is extensible to other types of secrets, including API keys and OAuth tokens. In addition, Secrets Manager enables you to control access to secrets using fine-grained permissions and audit secret rotation centrally for resources in the AWS Cloud, third-party services, and on-premises. AWS Secrets Manager helps you meet your security and compliance requirements by enabling you to rotate secrets safely without the need for code deployments.Starting Price: $0.40 per month -
6
Iraje Privileged Access Manager
Iraje Software
Privileged accounts exist everywhere. There are many types of privileged accounts and they can exist on-premises and in the cloud. They differ from other accounts as they have rights for read, write, alter, and modify. Privileged Access Management (PAM) refers to systems that secure, control, manage and monitor the accounts of users who have elevated permissions to critical, corporate assets. Anyone inside an organization with superuser privileges has the potential to crash your enterprise systems, destroy data, delete or create accounts and change passwords and cause havoc, either through carelessness, incompetence or perhaps through malicious intent. The trouble is that accounts with superuser privileges, Including shared accounts, are necessary. One cannot run enterprise IT systems without granting some people the privileges to do system-level tasks. -
7
BastionZero
BastionZero
Infrastructure teams must manage painful VPNs, homegrown bastion hosts, overprivileged certificate authorities, and long-lived credentials that present huge security risks. Infrastructure teams can easily configure, manage and secure fine-grained access controls to infrastructure targets in any cloud or on-prem environments. A single system for access all of your targets (servers, containers, clusters, databases, webservers) so you don’t have to manage an ever-growing set of systems. Provide zero-trust access to your targets by putting them behind your SSO and adding an independent MFA. Stop managing passwords. Use policy to control which users can log into which target under which role or user account. Capture the specific commands that a user ran on a target under a role or account via BastionZero’s access logs, command logs and session recordings.Starting Price: $300 per month -
8
Delinea Server Suite
Delinea
Easily consolidate complex and disparate identities for Linux and Unix within Microsoft Active Directory. Minimize the risk of a breach and reduce lateral movement with a flexible, just-in-time privilege elevation model. Advanced session recording, auditing, and compliance reporting aid forensic analysis into abuse of privilege. Centralize discovery, management, and user administration for Linux and UNIX systems to enable rapid identity consolidation into Active Directory. Privileged Access Management best practices are easy to follow with the Server Suite. The results are higher levels of identity assurance and a significantly reduced attack surface with fewer identity silos, redundant identities, and local accounts. Manage privileged user and service accounts from Windows and Linux in Active Directory. Just-in-time, fine-grained access control with RBAC and our patented Zones technology. Complete audit trail for security review, corrective action, and compliance reporting. -
9
Fine-grained access control and visibility for centrally managing cloud resources. Identity and Access Management (IAM) lets administrators authorize who can take action on specific resources, giving you full control and visibility to manage Google Cloud resources centrally. For enterprises with complex organizational structures, hundreds of workgroups, and many projects, IAM provides a unified view into security policy across your entire organization, with built-in auditing to ease compliance processes. We recognize that an organization’s internal structure and policies can get complex fast. Projects, workgroups, and managing who has authorization to do what all change dynamically. IAM is designed with simplicity in mind: a clean, universal interface lets you manage access control across all Google Cloud resources consistently. So you learn it once, then apply everywhere.
-
10
Passly
IDAgent
Growing numbers of remote workers, increased dependency on cloud applications, and explosive increases in cyber theft should require every organization of every size to consider Secure Identity & Access Management. With Passly™ from ID Agent (a Kaseya company), IT teams can easily, simply, and affordably enable the right people to have the right access to the right resources – all from the right devices and locations. Secure Password Management, Single Sign-On, Multi-Factor Authentication and more. In a time when the threat of cyberattack has never been greater, and with nearly 80% percent of all data breaches due to lost, weak or stolen passwords, it’s critical to select the right secure identity & access management platform. Passly provides the most comprehensive and cost-effective solution to enable security, compliance, and efficiency. Shared Password Vaults allow techs to manage and store passwords for business, personal or shared accounts. Centralized and easy to use. -
11
BeyondTrust Pathfinder
BeyondTrust
BeyondTrust Pathfinder offers a comprehensive identity-centric security platform designed to protect enterprises from privilege-based attacks by delivering visibility, control, and governance across human and non-human identities, credentials, and access paths. At the core is the Pathfinder Platform, which dynamically maps paths to privilege across endpoints, servers, clouds, IdPs, SaaS, and databases, exposing hidden over-privileged accounts, orphaned identities, and attack vectors. Other key components include Identity Security Insights for unified detection and risk-based prioritization of identity threats, Password Safe to discover, vault, manage and audit privileged credentials and session activity, Privileged Remote Access for secure, rule-based access with full session monitoring, Entitle for automating cloud permissions and just-in-time access, Endpoint Privilege Management for enforcing least-privilege on endpoints with application control and file-integrity monitoring. -
12
Multifactor
Multifactor
Multifactor is a next-generation account-sharing and access-management platform built around zero-trust, post-quantum cryptography, and fine-grained permissioning. Rather than simply sharing credentials, users store their online accounts (passwords, passkeys, 2FA codes) in a secure vault and grant access to humans or AI agents by sending controlled links. Access can be revoked instantly, and the underlying credentials remain hidden. You can define precise permissions (for example, “read transactions” but not “initiate transfers”), capture detailed non-repudiable audit trails of every action, and enjoy built-in encryption and post-quantum security architecture that ensures only authorized parties ever gain access. The platform can also operate as a full identity-and-access-management suite, supporting authentication (biometrics, hardware tokens), authorization, access auditing, device and network endpoint enforcement, and secure account/resource sharing.Starting Price: Free -
13
Evo Security
Evo Security
Eliminate credential sharing, establish powerful administrative permissions, mass deploy login security for your customers, and meet insurance and compliance requirements with Evo Security. EPIC is the next evolutionary step for MSPs, MSSPs, NOCs, and SOCs seeking to reduce credential sharing risk and secure logins for endpoints, network devices, and web applications all-in-one. The big secret about managed services is that MSP administrators are forced to share customer passwords and MFA codes internally. Password Managers and other Password Rotation tools offer sharing convenience with some iterative improvements, however ultimately propagate the same problem. With cybercriminals targeting MSPs more than ever, and regulation mandates demanding a better way, this involuntary poor practice has run its course. Easily accommodate managed or co-managed Customer scenarios when technicians and administrators need access to the Evo platform using the Evo Privileged Access Manager. -
14
ManageEngine PAM360
Zoho
Privilege misuse is a top cybersecurity threat today that often results in expensive losses and can even cripple businesses. It's also one of the most popular attack vectors among hackers, because when successfully carried out, it provides free access to an enterprise's underbelly, often without raising any alarms until the damage is done. ManageEngine PAM360 empowers enterprises looking to stay ahead of this growing risk with a robust privileged access management (PAM) program that ensures no privileged access pathway to mission-critical assets is left unmanaged, unknown, or unmonitored. PAM360 is a comprehensive solution for businesses looking to incorporate PAM into their overall security operations. With PAM360's contextual integration capabilities, you can build a central console where different parts of your IT management system interconnect for deeper correlation of privileged access data and overall network data, facilitating meaningful inferences and quicker remedies. -
15
AuthZed
AuthZed
Unblock your business with an authorization system inspired by Google's Zanzibar white paper. As the creators of SpiceDB, the AuthZed team delivers enterprise-ready permissions systems built for scale and security. The most mature open source Zanzibar implementation designed for both consistency and performance at scale. Define fine-grained access for any object in your application or across your product suite and manage permissions using a centralized schema. Specify consistency requirements per authorization check; tunable consistency features balance performance and correctness according to your use case. SpiceDB returns lists of authorized subjects and accessible resources, helpful when pre-filtering permission-based results. Instrumented with observability tooling, a powerful Kubernetes operator, and load-testing capabilities, SpiceDB prioritizes both developer and platform engineering experiences. -
16
Vault One
VaultOne Software
Have total control and visibility over who accesses your data, systems, applications, infrastructure and any other assets, preventing cyber attacks and data breaches. With VaultOne, protect your company’s resources and achieve compliance. VaultOne is redesigning the concept of privileged access management (PAM). Manage user access, credentials and sessions in a fast, secure and automated way. In a single and powerful solution, we offer multiple features, such as digital vault, password generator, sessions recording, auditing and reporting, customizable policies, disaster recovery and multi-factor authentication. If you’re looking for a solution to protect shared accounts, certificates and user access to applications, websites, servers, databases, cloud services and infrastructure, you’ve just found it. By creating customized access policies and managing users and privileges, you fight cyber attacks and avoid data breaches.4Starting Price: $99 per month -
17
ManageEngine AD360
Zoho
AD360 is an integrated identity and access management (IAM) solution for managing user identities, governing access to resources, enforcing security, and ensuring compliance. From user provisioning, self-service password management, and Active Directory change monitoring, to single sign-on (SSO) for enterprise applications, AD360 helps you perform all your IAM tasks with a simple, easy-to-use interface. AD360 provides all these functionalities for Windows Active Directory, Exchange Servers, and Office 365. With AD360, you can just choose the modules you need and start addressing IAM challenges across on-premises, cloud, and hybrid environments from within a single console. Easily provision, modify, and deprovision accounts and mailboxes for multiple users at once across AD, Exchange servers, Office 365 services, and G Suite from a single console. Use customizable user creation templates and import data from CSV to bulk provision user accounts.Starting Price: $595.00 / year -
18
AWS IAM Identity Center
Amazon
AWS IAM Identity Center simplifies centralized access management across multiple AWS accounts and business applications. It enables users to access assigned accounts and applications from a unified portal. Administrators can manage user permissions centrally, assigning them based on job functions and customizing as needed. IAM Identity Center integrates with various identity sources, including Microsoft Active Directory, Okta, Ping Identity, JumpCloud, and Microsoft Entra ID, and supports standards like SAML 2.0 and SCIM for user provisioning. It facilitates attribute-based access control by allowing selection of user attributes such as cost center, title, or locale from the identity source. It supports multi-factor authentication (MFA) using methods like FIDO-enabled security keys, biometric authenticators, and time-based one-time passwords. -
19
Amazon Verified Permissions
Amazon
Amazon Verified Permissions is a fully managed authorization service that uses the provably correct Cedar policy language, so you can build more secure applications. With Verified Permissions, developers can build applications faster by externalizing authorization and centralizing policy management. They can also align authorization within the application with Zero Trust principles. Security and audit teams can better analyze and audit who has access to what within applications. Accelerate application development by decoupling authorization from business logic. Protect application resources and manage user access to the principle of least privilege. Amazon Verified Permissions is a fully managed, Cedar-compatible permissions management and fine-grained authorization service for the applications that you build. Using Cedar, an expressive, performant, and analyzable open source policy language, developers and admins can define policy-based access controls.Starting Price: $0.00015 per request -
20
AppScaler
XPoint Network
What does AppScaler CMS do? Managing, monitoring and reporting on growing distributed networks is increasingly complex and costly, AppScaler CMS allows you to manage one or more AppScaler devices from a single management server. AppScaler CMS provides organizations, distributed enterprises and service providers with a powerful and intuitive solution to centrally manage and rapidly deploy AppScaler devices and provides centralized, real-time monitoring and comprehensive application performance reporting. Central AppScaler Policy Management AppScaler CMS ensures governance and compliance with centrally managed configuration: Import the configuration from AppScaler device in one click. Comprehensive policy management on load balancing of each AppScaler device. Configuration backup and restore. AppScaler Firmware Upgrade Role-based access control. AppScaler CMS provides fine-grained, role-based access control with which you can grant access permissions. -
21
Turnkey
Turnkey
We help you build better crypto products. Create thousands of embedded wallets, get rid of manual transaction flows, and automate on-chain actions, all without compromising on security. Create thousands of non-custodial wallets across blockchains with a simple API call. Build even the most complex crypto products by signing the transactions you need. Protect your assets with fine-grained policies and approval workflows. We’re developer-first at our core and obsess over giving you the easiest APIs and SDKs. We’ve done away with passwords to ensure the highest level of security. Your account is virtually unfishable with our hardware-based WebAuthn authentication. Our policy engine provides fine-grained controls for how users can access private keys. All actions on your account are checked against your custom policies and approval workflows while leaving an audit trail. Leveraging secure, isolated environments and verifiable data stores, we ensure you have control over your assets.Starting Price: $0.10 per signature -
22
Avatier Identity Anywhere
Avatier
Introducing Identity Anywhere, the world’s first Identity Management solution based on Docker containers making it the most portable, scalable and secure solution on the market. Docker container technology allows Identity Anywhere to run anywhere: on any cloud, on premise or a private cloud instance hosted by Avatier. Avatier Identity Management products brings separately administered back office applications and assets together to manage them as one system. Now armed with a unified digital dashboard, C-level executives deliver measurable business growth and increased profits. Eliminate the #1 Help Desk request with military grade self-service password reset. Reduce Costs. Only pay for the cloud app licenses you need. Maximize company utilization with a phenomenal shopping cart experience. Avoid fines, lawsuits, negative publicity, and even jail time due to non-compliance.Starting Price: $5.00/one-time/user -
23
Permify
Permify
Permify is an authorization service designed to help developers build and manage fine-grained, scalable access control systems within their applications. Inspired by Google's Zanzibar, Permify enables the structuring of authorization models, storage of authorization data in preferred databases, and interaction with its API to handle authorization queries across various applications and services. It supports multiple access control models, including Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC), allowing for the creation of granular permissions and policies. Permify centralized authorization logic, abstracting it from the codebase to facilitate easier reasoning, testing, and debugging. It offers flexible policy storage options and provides a role manager to handle RBAC role hierarchies. The platform also supports filtered policy management for efficient enforcement in large, multi-tenant environments.Starting Price: Free -
24
Heimdal Privileged Access Management
Heimdal®
Heimdal Privileged Access Management is a PAM solution that allows sysadmins to handle user permissions easily, handle all requests, and strengthen your company's endpoint security with truly innovative access governance. With its help, they can make sure that users don’t accidentally allow hackers to access your endpoints and networks. This is made possible by easily verifying and approving each request from the central interface. In addition to this, Heimdal™ Privileged Access Management promises to give your enterprise time optimization, higher productivity, and greater employee satisfaction. With such a tool under your belt, you will not only benefit from flawless protection but also unlock incredible scalability features and save time for your system admins. -
25
Bravura Security Fabric
Bravura Security
Protect identities, systems, and data with automation, built-in threat detection, singular identity, privileged access, and password platform. Weave patterns of functionality to protect against continual threats ensuring your identity and access security program are covered. In the age of digital transformation, protecting against threats is increasingly complex but also crucial. Hybrid infrastructures now accommodate modern and legacy assets, cloud resources, the Internet of Things, operational technology, and remote workforces around the world. Technological and architectural building blocks with decades of reliability to protect, manage and govern your entire identity and access infrastructure can help. It offers mature automation and detection; governance and compliance; analytics and reporting. Simplify vendor selection and program deployment; streamline service level agreements and lower overall cost. -
26
Obot MCP Gateway
Obot
Obot is an open-source AI infrastructure platform and Model Context Protocol (MCP) gateway that gives organizations a centralized control plane for discovering, onboarding, managing, securing, and scaling MCP servers, services that connect large language models and AI agents to enterprise systems, tools, and data. It bundles an MCP gateway, catalog, admin console, and optional built-in chat interface into a modern interface that integrates with identity providers (e.g., Okta, Google, GitHub) to enforce access control, authentication, and governance policies across MCP endpoints, ensuring secure, compliant AI interactions. Obot lets IT teams host local or remote MCP servers, proxy access through a secure gateway, define fine-grained user permissions, log and audit usage, and generate connection URLs for LLM clients such as Claude Desktop, Cursor, VS Code, or custom agents.Starting Price: Free -
27
Delinea Secret Server
Delinea
Protect your privileged accounts with our enterprise-grade Privileged Access Management (PAM) solution. Available both on-premise or in the cloud. Get up and running fast with solutions for privileged account discovery, turnkey installation and out-of-the-box auditing and reporting tools. Manage multiple databases, software applications, hypervisors, network devices, and security tools, even in large-scale, distributed environments. Create endless customizations with direct control to on-premise and cloud PAM. Work with professional services or use your own experts. Secure privileges for service, application, root, and administrator accounts across your enterprise. Store privileged credentials in an encrypted, centralized vault. Identify all service, application, administrator, and root accounts to curb sprawl and gain a full view of your privileged access. Provision and deprovision, ensure password complexity and rotate credentials. -
28
Centralize your multi-vendor infrastructure into a single security domain. Core Privileged Access Manager (BoKS) transforms your multi-vendor Linux and UNIX server environment into one centrally managed security domain. BoKS simplifies your organization’s ability to enforce security policies, and control access to critical systems and information. With full control over accounts, access and privilege, IT and security teams can proactively prevent internal and external attacks on critical systems before they start. Centralize management of user profiles and accounts for simplified administration and scalability. Secure your systems by managing user privileges and access to sensitive data—without slowing down productivity. Give users only the access they need and ensure that least privileged access is enforced across your hybrid environment.
-
29
Bravura Privilege
Bravura Security
Bravura Privilege secures access to elevated privileges. It eliminates shared and static passwords to privileged accounts. It enforces strong authentication and reliable authorization prior to granting access. User access is logged, creating strong accountability. Bravura Privilege secures access at scale, supporting over a million password changes daily and access by thousands of authorized users. It is designed for reliability, to ensure continuous access to shared accounts and security groups, even in the event of a site-wide disaster. Bravura Privilege grants access to authorized users, applications and services. It can integrate with every client, server, hypervisor, guest OS, database and application, on-premises or in the cloud. Discovers and classifies privileged accounts and security groups. Randomizes passwords and stores them in an encrypted, replicated vault. -
30
Secure and Protect Privileged Accounts, Sessions and Credentials. Everywhere! RevBits Privileged Access Management is a six-in-one solution that includes privileged access, privileged session, password, service accounts, key and certificate management, as well as extensive session logging that captures keystrokes and video. RevBits Privileged Access Management native clients are available for common operating systems. As an organization’s need for comprehensive access management grows, the expansion of onboarding vendors will also increase. RevBits Privileged Access Management is built to provide comprehensive access management while reducing the growth in vendor onboarding. With five integrated access management modules in one solution, organizations are in control. Product Features:- Hardware Tokens Comprehensive Platform Coverage Customizable Password Management Extensive Audit Logs Access Granting Workflow Ephemeral Passwords Complete Key Management SSL Scanner
-
31
The ARCON | Privileged Access Management (PAM) solution provides over every aspect of your IT infrastructure so that you can build contextual security around your most important asset: data. Its granular access control allows you to structure your security infrastructure the way you want, giving and revoking access for whomever you wish, whenever you wish, all on your own terms. Get rule- and role-based access control to all target systems with the principle of ‘least-privilege’ only allowing access to data on a ‘need-to-know’ basis. This helps your admins manage, monitor, and control privileged accounts down to the individual end user. Build a unified access control and governance framework to monitor privileged identities, whether on-prem, on-cloud, in a distributed data center or a hybrid environment. Randomize and change passwords automatically to overcome the threats arising from shared credentials.
-
32
Huawei IAM
Huawei Cloud
Create IAM users and groups and grant them permissions by using policies and roles, allowing or denying access to specific services and resources. Delegate a trusted HUAWEI CLOUD account or a cloud service to access your HUAWEI CLOUD resources based on assigned permissions. Establish a trust relationship between your existing identity system and HUAWEI CLOUD by creating a SAML-based or OpenID Connect–based identity provider or a custom identity broker. In this way, users in your enterprise can log in to HUAWEI CLOUD through single sign-on (SSO). You can require IAM users to complete identity authentication each time they log in or perform a critical operation. IAM allows you to create IAM users and authorize them to securely access your resources using their own username and password. IAM allows you to authorize another HUAWEI CLOUD account or a cloud service to access your resources based on assigned permissions. -
33
Alibaba Cloud Drive
Alibaba Cloud
Alibaba Cloud Photo and Drive Service (PDS) enables you to build a cloud drive and provide it to your customers with enterprise-level features, such as large-volume file storage, ultra-fast file sharing, file and directory management, fine-grained access and permission control, and AI file analysis and classification. Enjoy super-fast speed when storing, sharing, and downloading files with Alibaba Cloud Drive’s centralized storage of metadata and global accelerated networking. Extract, recognize, and re-categorize file metadata and support massive data queries based on Alibaba Cloud’s AI capabilities to understand unstructured data. Ensure data security with server-side data encryption, HTTPS 2.0-based transmission, end-to-end data validation, flexible authorization methods, and file watermarking functions. -
34
Gate22
ACI.dev
Gate22 is an enterprise-grade AI governance and MCP (Model Context Protocol) control platform that centralizes, secures, and observes how AI tools and agents access and use MCP servers across an organization. It lets administrators onboard, configure, and manage both external and internal MCP servers with fine-grained, function-level permissions, team-based access control, and role-based policies so that only approved tools and functions can be used by specific teams or users. Gate22 provides a unified MCP endpoint that bundles multiple MCP servers into a simplified interface with just two core functions, so developers and AI clients consume fewer tokens and avoid context overload while maintaining high accuracy and security. The admin view offers a governance dashboard to monitor usage patterns, maintain compliance, and enforce least-privilege access, while the member view gives streamlined, secure access to authorized MCP bundles.Starting Price: Free -
35
ConsoleWorks
TDi Technologies
ConsoleWorks is a unified IT/OT cybersecurity and operations platform designed for privileged-access users. ConsoleWorks delivers secure, persistent remote access and full management of permissions, enabling organizations to control access to operating systems, network devices, configuration ports, servers, storage, applications, and more under a centralized, role-based access control model. It operates agent-lessly: instead of installing software agents on each asset, ConsoleWorks maintains a constant, secure connection that works regardless of an asset’s state (powered on/off, OS up/down), giving “out-of-band” control and visibility. It monitors and logs every privileged action, down to the keystroke, offering continuous auditing, session recording, configuration monitoring, patch and asset-inventory tracking, and automatic detection of configuration changes. -
36
Devolutions Server
Devolutions
Devolutions Server (DVLS) is a self-hosted solution designed to streamline account and credential management across your organization. Without centralized control, teams often struggle with unsecured credentials, unauthorized access, and inconsistent security practices. DVLS addresses these issues by offering a secure, shared account and credential management platform with the ability to enforce access policies, manage user roles, and provide detailed auditing. DVLS also includes optional privileged access components for organizations that require more granular control over sensitive accounts. Fully integrated with Remote Desktop Manager, it offers a seamless way to manage credentials and remote sessions, ensuring that all access is secure and well-governed. Whether you’re a small team or a large enterprise, Devolutions Server simplifies credential management and improves security.Starting Price: $3/month/user -
37
ProfileTailor
Xpandion
ProfileTailor Security & Authorizations. Take Control over SAP Authorizations! Not only are SAP Authorizations complex, but also the authorization team has to be in control at all times. Events like granting sensitive permissions or identifying suspicious use of risky SAP authorizations cannot be ignored and must be taken care of immediately. In answer to these needs, ProfileTailor Dynamics Security & Authorizations was designed to give a 360° control over SAP Authorizations and Behavior-based Security. Get Insights about SAP Authorizations, Be the Expert! ProfileTailor Dynamics Security & Authorizations was designed with both novice users and professional experts in mind. Novice users can easily feel like experts, having all the in-depth data of SAP Authorizations without the need to delve into the fine details of SAP Authorizations, like objects and fields. They can optimize authorization roles and be in control over sensitive SAP permissions. -
38
FortiPAM
Fortinet
FortiPAM provides privileged access management, control, and monitoring of elevated and privileged accounts, processes, and critical systems across the entire IT environment. FortiPAM is part of the Fortinet Security Fabric, integrating with products such as FortiClient, FortiAuthenticator, and FortiToken. Critical assets need to be protected with the highest level of security. FortiPAM allows for enhanced security including zero-trust network access (ZTNA) controls when users try to access critical assets. ZTNA tags can be applied to check device posture for vulnerabilities, installed AV, location, and more. These checks are done continuously so if something changes on the device, it can be disconnected from the critical asset. In this way, FortiPAM ensures that the users and devices accessing critical assets are secure and prevents threats from impacting the asset. You can use the pre-built applications, or web-based launchers, or easily create your own launch templates. -
39
Visual Guard
Novalys
Visual Guard is an advanced identity and access management (IAM) tool offering a complete solution for securing sensitive applications and data. With centralized management of users and permissions, Visual Guard facilitates the implementation of robust, standards-compliant security policies. User management : Create, modify & delete user accounts Integration with LDAP or Active Directory directories Automatic synchronization of user information Access control : Precise definition of access rights to features and resources Role and Permission Management Multi-factor authentication (MFA) Single Sign-On (SSO) Security Audit and Monitoring : Permission Matrix Detailed Event log Real-time and Historical Graphs Integration & compatibility : Compatibility with major development platforms, frameworks, and protocols. .NET API Benefits : Simplified access management Enhanced data security Improved regulatory compliance Reduce identity management costStarting Price: 1.55/month/user -
40
Canton
Canton
The Canton Network is a public, permissionless blockchain network designed specifically for regulated financial markets, enabling institutions to transact and synchronize data with privacy, control, and interoperability. It introduces a unique architecture that allows applications to run on separate, configurable domains while remaining interoperable at the network level, so participants can share data and assets only with authorized parties. Built to support real-world financial workflows, the network enables atomic, cross-application transactions without exposing sensitive information to the entire network. Canton supports privacy-preserving smart contracts, fine-grained permissioning, and composable applications that can span multiple use cases such as payments, securities, collateral, and derivatives. Its design allows institutions to maintain regulatory compliance, operational autonomy, and data confidentiality while benefiting from shared infrastructure and real-time settlement. -
41
Marcom On Demand
Strata Company
A highly customizable and easy-to-implement MRM tool, Marcom On Demand lets you centrally manage your organization’s brand resources and marketing workflows. With comprehensive asset management, process automation, content customization, and intuitive architecture, MarCom On Demand will help you set your brand free. Streamline your processes and content, overcome operational challenges, and take control of your brand with our easy-to-use marketing resource management (MRM) tools and intelligent customer communications management (CCM) solutions. MarCom On Demand is the go-to hub for your organization’s brand resources, documents, and assets. With comprehensive asset management, process automation, content customization, and a user-friendly interface, our tool will help you and your team look like marketing wizards. Manage your vendors and products, create multiple user entities and vendor profiles, and assign different permission levels. -
42
Okera
Okera
Okera, the Universal Data Authorization company, helps modern, data-driven enterprises accelerate innovation, minimize data security risks, and demonstrate regulatory compliance. The Okera Dynamic Access Platform automatically enforces universal fine-grained access control policies. This allows employees, customers, and partners to use data responsibly, while protecting them from inappropriately accessing data that is confidential, personally identifiable, or regulated. Okera’s robust audit capabilities and data usage intelligence deliver the real-time and historical information that data security, compliance, and data delivery teams need to respond quickly to incidents, optimize processes, and analyze the performance of enterprise data initiatives. Okera began development in 2016 and now dynamically authorizes access to hundreds of petabytes of sensitive data for the world’s most demanding F100 companies and regulatory agencies. The company is headquartered in San Francisco. -
43
BrandBay
BrandBay
BrandBay is an instant-access, multi-brand asset management system that enables users to organize and store brand assets, collaborate with teams and clients, and securely deliver files within a custom-branded, white-label platform. It allows for the storage and hosting of various assets, including brand colors, logos, fonts, files, graphics, and videos, all accessible through a browser extension and desktop application for quick retrieval. The platform facilitates seamless collaboration by enabling users to make comments directly on assets and communicate when finalized work is ready for publication, thereby streamlining the creative workflow. BrandBay also offers robust security features, such as password protection for individual assets and collections, as well as customizable user permissions to ensure sensitive information remains secure. Additionally, it provides flexible asset deployment and sharing options, including built-in asset hosting and custom embeds.Starting Price: $8 per month -
44
Divot Assets
Divot Assets
Divot Assets’ K12 Asset Pro is a cloud-hosted fixed asset tracking and management system built specifically for K-12 school districts to centralize inventory, reporting, and compliance. It lets districts check assets in and out to students, staff, and locations while preventing double-booking and tracking status labels such as deployable, pending, undeployable, and archived. It supports barcoded mobile scanning for fast, on-the-go check-in/out and bulk add/edit of assets, saving time on manual entry. Users can assign role-based permissions, track untagged accessories, manage one-to-one technology devices, and maintain disposal records for retired assets. K12 Asset Pro generates customizable reports by location, category, funding source, status, type, or value to satisfy state and federal reporting and audit needs, including tracking by funding source for Federal compliance.Starting Price: Free -
45
OpenText ZENworks Endpoint Security Management provides fine-grained, policybased control over all your Windows desktop and mobile PCs—including the ability to automatically change security configurations depending on a user’s role and location. By creating and managing policies from a central console, ZENworks makes it possible to implement and enforce tightly controlled, highly adaptive security policies without placing any configuration or enforcement burden on end users. ZENworks Endpoint Security Management also features robust client selfdefense capabilities that provide assurance that security policies are not circumvented; in addition, it has a complete suite of monitoring, alert, reporting, and auditing tools. Bring comprehensive, centralized security to your most vulnerable IT assets—the mobile PCs at the edges of your organization.
-
46
P0 Security
P0 Security
Find and fix vulnerabilities, request and grant privileged access. You should never need to trade off infrastructure security against developer velocity. Process access escalations in minutes. No more tickets, better-scoped permissions, and automatic expiration. P0 Security enables engineers to request just-in-time, fine-grained access to any cloud resource, without becoming an expert in the language of cloud IAM. DevOps teams can automate provisioning and expiry of access, without needing to constantly update static IDP groups. Provide developers just-in-time, short-lived, and fine-grained access to a production stack (AWS, GCP, Kubernetes) for deploying or troubleshooting services. Automate periodic access reviews of your cloud environment, and accelerate compliance for SOC2 and ISO 27001, without overburdening your teams. Provide engineers and customer success teams just-in-time and short-lived access to customer data in a cloud environment, or in a data warehouse.Starting Price: $25 per month -
47
CyberArk Privileged Access Manager
CyberArk
Keep your business safe by preventing the malicious use of privileged accounts and credentials – a common path to an organization’s most valuable assets. The CyberArk PAM as a Service solution leverages leading automation technologies to protect your business as it grows. Attackers never stop seeking ways in. Manage privileged access to minimize risk. Prevent credential exposure and keep critical assets from falling into the wrong hands. Maintain compliance with recorded key events and tamper-resistant audits. Privileged Access Manager easily integrates with a host of applications, platforms and automation tools. -
48
WorthIT Fixed Assets
WorthIT Fixed Assets
When spreadsheets, depreciation programs or complex ERP modules simply won't do! WorthIT Fixed Assets is a comprehensive business reporting solution that strikes the best balance between software features in key areas of fixed assets management, reporting compliance with internal and IFRS standards, ease of use and cost of ownership and maintenance. Depreciation and financial accounting is the foundation of WorthIT. You can support popular depreciation methods or design your own custom method, maintain multiple companies and multiple depreciation profiles, perform and track partial or whole disposals and much more. Extensive security and governance features give you administrative control over authorized users and access passwords, the ability to assign each user unique access and function/task permission and even track the history tracking of last user activity. -
49
You trust your privileged users with elevated access to critical systems, data, and functions. However, their advanced entitlements need to be vetted, monitored, and analyzed to protect your resources from cybersecurity threats and credential abuse. Research has found as much as 40% of insider cyberattacks involved privileged users. IBM Verify Privilege products, powered by Delinea, enable zero trust strategies to help minimize risk to the enterprise. Discover, control, manage, and protect privileged accounts across endpoints and hybrid multi-cloud environments. Discover unknown accounts. Reset passwords automatically. Monitor anomalous activity. Manage, protect, and audit privileged accounts across their lifecycles. Identify devices, servers, and other endpoints with administrative privileges to enforce least-privilege security, control application rights, and reduce impact on support teams.
-
50
OpenDocMan
OpenDocMan
OpenDocMan is a free, web-based, open-source document management system (DMS) written in PHP and designed to comply with ISO 17025 and OIE standards for document management. It features web-based access, fine-grained control of access to files, and automated install and upgrades. OpenDocMan was developed under the open-source GPL license, which in a nutshell allows you to use the program for free and modify it any way you wish. We also encourage feedback from our users when they encounter issues, or have suggestions. Free document management software is good for you. IT staff and managers can delegate document management duties to any number of staff members, through user and group permissions. Permissions can be set as restrictively or permissively as needed.
