Alternatives to Amazon Verified Permissions
Compare Amazon Verified Permissions alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Amazon Verified Permissions in 2026. Compare features, ratings, user reviews, pricing, and more from Amazon Verified Permissions competitors and alternatives in order to make an informed decision for your business.
-
1
Frontegg
Frontegg
Frontegg is a Customer Identity and Access Management (CIAM) platform that simplifies authentication, authorization, and user management for SaaS companies. It enables developers to implement advanced identity features quickly, then shift ongoing administration to other teams. With Frontegg, Product, Infosec, and Customer Success teams can take control of key identity tasks like managing user roles, enforcing security policies, and handling customer requests, all without engineering support. Developers reduce toil and regain focus on core product work, while stakeholders move faster without bottlenecks. Frontegg supports modern identity features including SSO, MFA, role-based access control, entitlements, multi-tenancy, and audit logs. Its low-code platform integrates in days and provides a user-friendly admin portal that bridges technical and non-technical teams. Frontegg increases operational efficiency, improves security posture, and enhances the customer experience. -
2
Auth0
Okta
Auth0 takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity Company™. Auth0 lets you quickly integrate authentication and authorization for web, mobile, and legacy applications, with new Fine Grained Authorization (FGA) that goes beyond role-based access control. Authenticate users across all applications with a customized, secure, and standards-based single login. Universal Login connects users to a central authorization server. Credentials aren’t transferred across sources, which boosts security and protects against phishing and credential stuffing attacks. OAuth 2.0 recommends that only external user agents (like the browser) be used by native applications for authentication flows. Auth0’s Universal Login achieves this while enabling SSO. -
3
Josys
Josys
Josys is the Automated Identity Governance and Administration (IGA) Platform designed to simplify how IT works. Trusted by IT teams and Managed Service Providers (MSPs), Josys delivers complete visibility and control over every user, application, and access permission within their identity perimeter. By automating critical workflows, including access review audits, lifecycle management, shadow IT detection, and license optimization, Josys transforms complex access policies and governance into seamless, autonomous processes that drastically reduce security risks, optimize spend, and unlock true operational efficiency.Starting Price: $100/mo -
4
SolarWinds Access Rights Manager
SolarWinds
SolarWinds® Access Rights Manager is designed to assist IT & security administrators in quickly & easily provisioning, deprovisioning, managing, & auditing user access rights to systems, data, & files, so they can help protect their organizations from the potential risks of data loss and breaches. By analyzing user authorizations & access permissions, you get visualization of who has access to what, and when they accessed it. Customized reports can be generated to help demonstrate compliance with many regulatory requirements. Provision & deprovision users via role-specific templates to help assure conformity of access privilege delegation, in alignment with security policies. -
5
Cedar
Amazon
Cedar is an open source policy language and evaluation engine developed by AWS to facilitate fine-grained access control in applications. It enables developers to define clear and concise authorization policies, decoupling access control from application logic. Cedar supports common authorization models, including role-based access control and attribute-based access control, allowing for expressive and analyzable policy definitions. Its design emphasizes readability and performance, ensuring that policies are both easy to understand and efficient to enforce. By integrating Cedar, applications can make precise authorization decisions, enhancing security and maintainability. The policy structure is designed to be indexed for quick retrieval and to support fast and scalable real-time evaluation, with bounded latency. It enables analyzer tools capable of optimizing your policies and proving that your security model is what you believe it is.Starting Price: Free -
6
Permit.io
Permit.io
Full Stack Permissions as a service. Check authorization as done, focus on your core product. Use the right tool for the right task. Use the right language for the right policy. Say no to Lock-in. Mix and match the policy engines you need. Permit.io supports OPA's Rego and now adds AWS' Cedar, and Amazon Verified Permissions. Generate Policy as code directly into Git, and deploy in realtime into the agent in your app. Makes granting permissions as easy as checking a box. Manage and edit your policies with in seconds instead of days. Work with a simple UI, API, or directly with Rego code. Enable multi-tenancy, RBAC, ABAC, ReBAC, and more with a single streamlined interface. Provide low-code/no-code interfaces for non-technical users. Ensure future requirements are met with policy as code. Get Git Ops support out-of-the-box. -
7
Permify
Permify
Permify is an authorization service designed to help developers build and manage fine-grained, scalable access control systems within their applications. Inspired by Google's Zanzibar, Permify enables the structuring of authorization models, storage of authorization data in preferred databases, and interaction with its API to handle authorization queries across various applications and services. It supports multiple access control models, including Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC), allowing for the creation of granular permissions and policies. Permify centralized authorization logic, abstracting it from the codebase to facilitate easier reasoning, testing, and debugging. It offers flexible policy storage options and provides a role manager to handle RBAC role hierarchies. The platform also supports filtered policy management for efficient enforcement in large, multi-tenant environments.Starting Price: Free -
8
Aserto
Aserto
Aserto helps developers build secure applications. It makes it easy to add fine-grained, policy-based, real-time access control to your applications and APIs. Aserto handles all the heavy lifting required to achieve secure, scalable, high-performance access management. It offers blazing-fast authorization of a local library coupled with a centralized control plane for managing policies, user attributes, relationship data, and decision logs. And it comes with everything you need to implement RBAC or fine-grained authorization models, such as ABAC, and ReBAC. Take a look at our open-source projects: - Topaz.sh: a standalone authorizer you can deploy in your environment to add fine-grained access control to your applications. Topaz lets you combine OPA policies with Zanzibar’s data model for complete flexibility. - OpenPolicyContainers.com (OPCR) secures OPA policies across the lifecycle by adding the ability to tag, verStarting Price: $0 -
9
Cloudentity
Cloudentity
Cloudentity increases development velocity, audit efficiency and risk mitigation by advancing fine-grained authorization policy management and delivering continuous, transaction-level enforcement across hybrid, multi-cloud and microservice environments. Externalize authorization management that empowers developers to efficiently create policy-as-code, provision standardized controls, and invoke contextual access and data exchange enforcement as close to the service as possible. Accelerate application delivery by expediting security validation with full data lineage for audit, forensics and compliance. Cloudentity provides dynamic authorization governance that delivers policy automation and adaptive control ensuring Zero Trust between users, apps, services and data. Automate app, service and API inventory, authorization policy standardization, and declarative authorization provisioning to streamline release security verification. -
10
PlainID
PlainID
PlainID is The Authorization Company. PlainID provides both Business AND Admin teams with a simple and intuitive means to control their organization’s entire authorization process, all based on your own business logic. The platform allows you to implement literally any kind of rules you could imagine, all without coding, and all in fine grained detail. PlainID simplifies Authorization so that thousands of Roles, Attributes and even Environmental Factors can be converted into a few logical SmartAuthorization policies using our Graph Database Decision Engine. In-depth Analytics and Insights: PlainID provides unobstructed visibility with a full audit trail. Compliance, regulation and audit requirements, they’re easy to manage on a simple graph-based UI. Access is determined dynamically and in real time, based on user attributes, environmental attributes (time, location, etc.) as well as event based authorizations. PlainID combines ABAC & RABC to a united policy. -
11
Entitle
BeyondTrust
Entitle fuses a security-first approach to provisioning and governance, with a commitment to business enablement for all teams, from R&D and sales to H&R and finance. Speed up provisioning to unlock security policies that automatically update with changing infrastructure and employee needs. Grant permissions to specific resources, like Google Drive folders, database tables, Git repositories, and more. Keep privileged resources and roles safe by granting access only when needed, and removing them when not. Give peers, managers, and resource owners the power to approve access requests, for authorizations you can trust. With automated access requests and zero-touch provisioning, DevOps, IT, and all teams can save serious time and resources. Users can request access to what they need via Slack, Teams, Jira, or email for a seamless approval process. Grant bulk permissions for fast onboarding and offboarding to keep up with organizational changes. -
12
AuthZed
AuthZed
Unblock your business with an authorization system inspired by Google's Zanzibar white paper. As the creators of SpiceDB, the AuthZed team delivers enterprise-ready permissions systems built for scale and security. The most mature open source Zanzibar implementation designed for both consistency and performance at scale. Define fine-grained access for any object in your application or across your product suite and manage permissions using a centralized schema. Specify consistency requirements per authorization check; tunable consistency features balance performance and correctness according to your use case. SpiceDB returns lists of authorized subjects and accessible resources, helpful when pre-filtering permission-based results. Instrumented with observability tooling, a powerful Kubernetes operator, and load-testing capabilities, SpiceDB prioritizes both developer and platform engineering experiences. -
13
Blue Cedar
Blue Cedar
Easily modify mobile apps to meet security needs without developer assistance. Execute streamlined mobile app deployments. Manage zero-trust network access (ZTNA) controls for mobile apps and devices. Reduce lead time with workflows that orchestrate fragmented deployments efforts, coordinate technologies, and enhance cross-team collaboration. Easily address your unique deployment needs with our workflow builder, deployment and enhancement services, and integrations with popular technologies. Use visualizations of analyzed workflow data to optimize future deployments. The Blue Cedar platform is used by leaders in finance, insurance, healthcare, government, energy, and other industries. Request a demo today to find out how Blue Cedar can help you streamline mobile app deployments. Add new functionality to mobile apps without coding. Orchestrate any sequence of deployment tasks. Enable zero-trust access from any mobile app on any device. -
14
ProfileTailor
Xpandion
ProfileTailor Security & Authorizations. Take Control over SAP Authorizations! Not only are SAP Authorizations complex, but also the authorization team has to be in control at all times. Events like granting sensitive permissions or identifying suspicious use of risky SAP authorizations cannot be ignored and must be taken care of immediately. In answer to these needs, ProfileTailor Dynamics Security & Authorizations was designed to give a 360° control over SAP Authorizations and Behavior-based Security. Get Insights about SAP Authorizations, Be the Expert! ProfileTailor Dynamics Security & Authorizations was designed with both novice users and professional experts in mind. Novice users can easily feel like experts, having all the in-depth data of SAP Authorizations without the need to delve into the fine details of SAP Authorizations, like objects and fields. They can optimize authorization roles and be in control over sensitive SAP permissions. -
15
Ionic Machina
Ionic
Data security is managed in silos, but sensitive data traverses multiple applications, environments, data stores, and devices. This makes it challenging to scale data security and implement consistent access controls. Machina is your agile and dynamic authorization solution that easily handles modern challenges. Manage your shared responsibility to secure data at rest and in transit in the cloud and on-prem. Track how data is handled and accessed; audit how policies are enforced across your organization. Deliver context-aware dynamic authorization for each access request to maintain least privilege. Abstract access logic from app code to orchestrate policy enforcement across multiple environments. Implement and enforce consistent access policies in real-time across applications, repositories, workloads, and services. Monitor and analyze data handling and policy enforcement across your enterprise, and generate audit-ready proof of compliance. -
16
Unosecur
Unosecur
Eliminate cloud permissions gap and maintain continuous security across multi-cloud environments. Central logging for all IAM credentials to provide granular insights and policy control, enforcing just-in-time permissions. Deep analytics to detect and mitigate privilege misconfigurations by applying least privilege principles, access control & right-sizing. Get audits for identity and access privileges and compliance at any time. Insightful reports for risk assessment, investigations, and forensics are always available and updated. Connect your cloud environment to Unosecur hassle-free within minutes and a few steps. Unosecur's advanced dashboard will give you full visibility of your cloud identity posture within a few hours after onboarding. Now, you are ready to remediate and report any identity and access permissions gap and perform access right-sizing at any time. Identity and access governance. -
17
Manages users, groups and roles. Authentication, delegation, authorization and auditing. Role-based access control, entitlements and time-based access rules. Manages access control policies for Web, Java and CORBA® resources. Manages access control policies for fine-grain application data and/or features. Central administration with flexible deployment options. Features specifically designed to aid in meeting privacy legislation. Supports integration with existing security infrastructure. Provides foundation for orb2 for Java Security Services.
-
18
Gate22
ACI.dev
Gate22 is an enterprise-grade AI governance and MCP (Model Context Protocol) control platform that centralizes, secures, and observes how AI tools and agents access and use MCP servers across an organization. It lets administrators onboard, configure, and manage both external and internal MCP servers with fine-grained, function-level permissions, team-based access control, and role-based policies so that only approved tools and functions can be used by specific teams or users. Gate22 provides a unified MCP endpoint that bundles multiple MCP servers into a simplified interface with just two core functions, so developers and AI clients consume fewer tokens and avoid context overload while maintaining high accuracy and security. The admin view offers a governance dashboard to monitor usage patterns, maintain compliance, and enforce least-privilege access, while the member view gives streamlined, secure access to authorized MCP bundles.Starting Price: Free -
19
Mammoth Enterprise Browser
Mammoth Cyber
Mammoth Cyber's Enterprise Browser is a Chromium-based solution designed to enhance secure remote access by integrating a policy engine directly within the browser. It offers organizations visibility and control over user interactions with internal applications, public cloud services, and SaaS platforms. By enforcing conditional access and implementing least privilege principles, the browser ensures that users access only the resources necessary for their roles, thereby reducing the risk of data breaches. Detailed audit logs of user activities support compliance and security monitoring. The Enterprise Browser integrates seamlessly with identity providers like Okta and Azure AD, automating role-based permissions and streamlining user onboarding. Its familiar interface minimizes the learning curve, promoting user adoption. Additionally, the browser facilitates secure developer access by supporting SSH, RDP, Git, Kubernetes, and database connections directly. -
20
Axiomatics Orchestrated Authorization
Axiomatics
With our solution, Information Access Management (IAM) teams establish policy guardrails, while enabling developers, DevOps and DevSecOps teams as well as application owners to author, test, deploy, and analyze policies. In return, you are rewarded with an authorization approach that aligns to a Zero Trust strategy, creates policy visibility, accelerates application development, and delivers confidence. Organizations on the journey toward an Orchestrated Authorization approach do so with the goal of implementing an authorization vision that can support every application and resource in their technology environment. -
21
UNIT-e
Education Software Solutions Ltd.
UNIT-e puts the power of your education management solutions firmly into the hands of your students, staff and senior leaders. By removing data silos and creating a single source of truth spanning the full student journey, UNIT-e education management solutions help data-driven further and higher education providers respond to challenges in the sector, faster. Looking for the best education management solutions? Contact one of our expert sales team to talk through how our products and services can help. Bring together your college community with CEDAR, an easy-to-use engagement tool, accessible across any device, that allows students, parents and staff to access a data rich view of individual's progress, attendance, performance and more. Bring together your college community with CEDAR, an easy-to-use engagement tool, accessible across any device, that allows students, parents and staff to access a data rich view of individual's progress, attendance, performance and more. -
22
Permeasyon
Anduseit
Employees come and go. Depending on your company sector and size, you may be hiring new employees very often. And every time a new employee starts in your company, he needs to have access to different applications. Different people will need to be contacted to authorize and assign all the permissions, which may take several days with the consequent loss of working time. However, Permeasyon solves this task within minutes. The needs of a company vary over time: new projects that start and others that finish, but also projects that move to maintenance needing less human resources and, more critical, projects requiring higher resources for some time to meet deadlines or client requirements. These situations mean an urgent need to relocate current employees, adding or removing permissions to those users to accomplish with important milestones. How can you correctly relocate the users in a timely and efficient way when needed? Permeasyon is the perfect tool to help you achieve this task. -
23
Multifactor
Multifactor
Multifactor is a next-generation account-sharing and access-management platform built around zero-trust, post-quantum cryptography, and fine-grained permissioning. Rather than simply sharing credentials, users store their online accounts (passwords, passkeys, 2FA codes) in a secure vault and grant access to humans or AI agents by sending controlled links. Access can be revoked instantly, and the underlying credentials remain hidden. You can define precise permissions (for example, “read transactions” but not “initiate transfers”), capture detailed non-repudiable audit trails of every action, and enjoy built-in encryption and post-quantum security architecture that ensures only authorized parties ever gain access. The platform can also operate as a full identity-and-access-management suite, supporting authentication (biometrics, hardware tokens), authorization, access auditing, device and network endpoint enforcement, and secure account/resource sharing.Starting Price: Free -
24
Symatec Secure Access Cloud
Broadcom
Symantec Secure Access Cloud is a SaaS solution that enables more secure and granular access management to any corporate resource hosted on-premises or in the cloud. It uses Zero Trust Access principles in delivering point-to-point connectivity without agents or appliances, eliminating network level threats. Secure Access Cloud provides point-to-point connectivity at the application level, cloaking all resources from the end-user devices and the internet. The network-level attack surface is entirely removed, leaving no room for lateral movement and network-based threats. Its simple-to-set, fine-grained and easy-to-manage access and activity policies prevent unauthorized access to the corporate resources by implementing continuous, contextual (user, device and resource-based context) authorization to enterprise applications allowing secured employee, partners and BYOD access. -
25
WALLIX BestSafe
WALLIX Group
Eliminate the need for user accounts with elevated permissions thanks to innovative endpoint privilege management. Achieve unparalleled security across all endpoints with permissions controlled at the application and process level – without impacting user productivity. Mitigate the risks of granting administrator privileges without overburdening your IT team. Endpoint Privilege Management applies the Principle of Least Privilege with seamless and granular application-level permissions control while empowering users to work efficiently. Block ransomware, malware, and crypto viruses from entering your network, even when users hold elevated privileges. Control privileges at the application and process-level and stop encryption operations with innovative endpoint protection technology. Enforce least privilege security efficiently, with no impact on user productivity and minimizing the need for IT intervention. -
26
AWS Organizations
Amazon
AWS Organizations offers policy-based management for multiple AWS accounts. Learn how Organizations help you more easily manage policies for groups of accounts and automate account creation. Quickly scale your environment by programmatically creating new AWS accounts for your resources and teams at no additional charge. Simplify user-based permission management to give teams the freedom to build while staying within targeted governance boundaries. Manage and optimize costs across your AWS accounts and resources. Centrally secure and audit your environment across all of your AWS accounts. Create AWS accounts and add them to user-defined groups for instant security policy application, touchless infrastructure deployments, and auditing. Create a security group and provide users with read-only access to your resources to actively monitor, identify, and mitigate security concerns. -
27
Amazon QLDB is a fully managed ledger database that provides a transparent, immutable, and cryptographically verifiable transaction log owned by a central trusted authority. Amazon QLDB can be used to track each and every application data change and maintains a complete and verifiable history of changes over time. Ledgers are typically used to record a history of economic and financial activity in an organization. Many organizations build applications with ledger-like functionality because they want to maintain an accurate history of their applications' data, for example, tracking the history of credits and debits in banking transactions, verifying the data lineage of an insurance claim, or tracing movement of an item in a supply chain network. Amazon QLDB is a new class of database that eliminates the need to engage in the complex development effort of building your own ledger-like applications.Starting Price: $0.03 per GB per month
-
28
Aruba ClearPass
Aruba Networks
HPE Aruba Networking ClearPass Policy Manager protects your network with policies based on Zero Trust security principles to support hybrid workplace initiatives, IoT devices, and the connected edge. It simplifies access for authorized users and devices with least‑privilege controls, protecting visitors, partners, customers, and employees across Wi‑Fi, wired, and WAN networks with integrated guest portals, device configuration monitoring, and SASE‑aligned Zero Trust security. Integrated Zero Trust security prepares IT teams to implement reliable, role‑based policies for enterprise‑wide Zero Trust enforcement. Its broad partner ecosystem enables seamless integration with existing security technologies, while dynamic, identity‑based traffic segmentation ensures consistent protection across all network environments. HPE Aruba Networking ClearPass Policy Manager helps security teams authenticate, authorize, and enforce secure network access with role‑based and Zero Trust policies. -
29
Delinea Cloud Access Controller
Delinea
Gain granular control over web applications and web-based cloud management platforms. Delinea's Cloud Access Controller provides a comprehensive PAM solution that operates at cloud speed and is quick to deploy and secure access to any web application. With Cloud Access Controller, you can easily integrate your existing authentication solutions with any web application without having to write any additional code. Apply granular RBAC policies that enforce least privilege and zero trust initiatives, even to custom and legacy web applications. Specify what an individual employee is allowed to read or modify within any web application. Grant, manage and revoke access to cloud applications. Specify who gets access to what, at a granular level. Track usage of each and every cloud application. Clientless session recording without agents. Secure access to all web applications, including social media, custom, and legacy web applications. -
30
ZeroTek
ZeroTek
ZeroTek is a multi-tenant IAM SaaS platform purpose-built for managed service providers to deploy, manage, and scale Okta identity services across multiple customers from a single environment. It extends Okta’s enterprise-grade identity and access management capabilities with MSP-specific tooling that simplifies multi-client operations, enabling providers to deliver secure authentication, single sign-on, and lifecycle management as a monthly service. It provides a centralized dashboard that lets teams view and manage multiple customer directories, users, and applications in one place, reducing operational complexity and improving visibility. ZeroTek also enables self-service Okta tenant creation in seconds, allowing faster customer onboarding without lengthy procurement or licensing processes. MSP-focused role-based access control enforces least-privilege permissions for technicians, while comprehensive auditing ensures full accountability across environments. -
31
Keycard
Keycard
Keycard is an identity-and-access infrastructure platform built for the agent-native era, enabling developers and enterprises to securely connect AI agents, users, services, and APIs with real-time, policy-driven identity controls. It issues dynamic, ephemeral access tokens in place of static secrets and supports federated identity models to unify users, agents, and workloads under a distributed authorization framework. The platform provides drop-in SDKs for popular frameworks so developers can build agent-aware applications without becoming IAM experts. Keycard’s data model includes identity-attested agents, tasks, tools, and resources, allowing logical zones with context-aware permissions and auditability. On the policy side, security teams can define deterministic, task-based rules that enforce who (user/agent) can do what (task) on which resource under which conditions, all with full transparency. -
32
Vault One
VaultOne Software
Have total control and visibility over who accesses your data, systems, applications, infrastructure and any other assets, preventing cyber attacks and data breaches. With VaultOne, protect your company’s resources and achieve compliance. VaultOne is redesigning the concept of privileged access management (PAM). Manage user access, credentials and sessions in a fast, secure and automated way. In a single and powerful solution, we offer multiple features, such as digital vault, password generator, sessions recording, auditing and reporting, customizable policies, disaster recovery and multi-factor authentication. If you’re looking for a solution to protect shared accounts, certificates and user access to applications, websites, servers, databases, cloud services and infrastructure, you’ve just found it. By creating customized access policies and managing users and privileges, you fight cyber attacks and avoid data breaches.4Starting Price: $99 per month -
33
Ona
Ona
Ona, formerly Gitpod, is a modern development platform that provides mission control for software projects and engineering agents. It allows developers to keep momentum on any device by offering sandboxed, API-first environments in the cloud or within a company’s VPC. These environments come pre-configured with tools, dependencies, and controls, ensuring a consistent and secure setup for professional software engineering. Ona Agents further enhance productivity by assisting with tasks like scoping, writing, reviewing, and documenting code across the entire development lifecycle. Enterprise-ready guardrails deliver fine-grained permissions, policies, and audit trails, giving organizations full control over compliance and security. Trusted by millions of developers and Fortune 500 companies, Ona integrates seamlessly with tools like GitHub, GitLab, AWS, Copilot, and Amazon Bedrock.Starting Price: $20/month -
34
Corma
Corma
Corma is a unified license and access governance platform built for modern IT teams. It helps organizations manage software spend, identity access, and security from a single, centralized system. Corma provides full visibility into all SaaS applications, users, and permissions across the IT stack. The platform uses AI-powered agents to automate onboarding, offboarding, and access reviews with zero manual effort. Corma enables least-privilege access enforcement and simplifies compliance with standards like ISO 27001 and SOC 2. It also helps reduce software costs by identifying unused licenses and preventing surprise renewals. With fast setup and automation-first workflows, Corma allows teams to go live in minutes. -
35
Alibaba Cloud Bastionhost
Alibaba Cloud
Bastionhost enables you to manage asset O&M permissions in a centralized manner, monitor all O&M operations, and reproduce O&M scenarios in real-time to facilitate identity authentication, access control, and operation audit. You can use Bastionhost to troubleshoot issues, such as difficulties in the management of various assets, unclear responsibilities and authorities, and difficulties in the backtracking of O&M events. Bastionhost provides a centralized portal to access server resources. Bastionhost provides a single sign-on to allow O&M personnel to manage and maintain all server assets, facilitating centralized asset management. Furthermore, Bastionhost supports password-free logon for asset O&M. It manages accounts and passwords in a centralized manner to simplify account management. Bastionhost supports fine-grained user permission assignments to allow different users to perform operations based on the permissions assigned to them.Starting Price: $1.65 per month -
36
NdSecure
Ndende Technologies
NdSecure is a Single Sign-On (SSO) and Identity and Access Management (IAM) solution. Ndsecure offers a user-friendly, flexible, and customizable identity and access management solution capable of operating within a diverse industry-centric architecture. The role played by NdSecure is to provide a robust and secure logical access control environment, incorporating strong authentication methods. The objective is to prevent unauthorized access to the corporate management system, thereby reducing frauds arising from insider threats. NdSecure’s API management platform provides more advanced ways for the workforce to control access to various applications. By leveraging existing request content and identity stores, NdSecure can provide: • Policy-based authentication • Coarse and fine-grained authorization • Single sign-on (using SAML, OpenId Connect, social log-in or OAuth-based federation) • Support for Common Criteria • Uses FIDO 2.0 and W3C WebAuthnStarting Price: $8/month/user -
37
SGNL
SGNL
As the enterprise and workforce evolve, access must be intelligent and dynamic. SGNL ensures that your most valuable resources are being accessed by the right people, at the right time, in the right context. Enterprise use cases require a fine-grained approach. By building a deep understanding of your business, SGNL is able to drive smart, realtime access decisions. Scalable access policies should be understandable by all stakeholders. SGNL enables this through an intuitive, human-readable policy builder. SGNL connects to, and complements, your existing identity and business systems—with a broad array of simple, easy-to-implement integrations. -
38
Fine-grained access control and visibility for centrally managing cloud resources. Identity and Access Management (IAM) lets administrators authorize who can take action on specific resources, giving you full control and visibility to manage Google Cloud resources centrally. For enterprises with complex organizational structures, hundreds of workgroups, and many projects, IAM provides a unified view into security policy across your entire organization, with built-in auditing to ease compliance processes. We recognize that an organization’s internal structure and policies can get complex fast. Projects, workgroups, and managing who has authorization to do what all change dynamically. IAM is designed with simplicity in mind: a clean, universal interface lets you manage access control across all Google Cloud resources consistently. So you learn it once, then apply everywhere.
-
39
GPOADmin
Quest
Simplify Active Directory group policy management and governance. GPOADmin is a third-party group policy management and governance solution that allows you to search, administer, verify, compare, update, roll back and consolidate GPOs to ensure consistency and avoid long-term GPO proliferation. GPO comparison features combined with enhanced security and workflow capabilities means controlling and securing your Windows infrastructure while supporting governance initiatives. Getting GPOs right is critical, one wrong GPO with a seemingly innocuous setting can inflict massive detrimental effects to the security posture of thousands of systems in your network within minutes. With GPOADmin, you can automate critical Group Policy management and governance tasks to reduce risk and eliminate manual processes. Improve GPO auditing and verify setting consistency quickly and easily with advanced, side-by-side GPO version comparisons at various intervals. -
40
Proofpoint Secure Access
Proofpoint
Experience a better way to connect remote employees, partners and customers to your datacenters and cloud infrastructure, with tighter security, superior user experience and reduced IT management. Proofpoint Secure Access eliminates overly permissive access, slow connections, and endless administration - while delivering segmented, verified, and audited access for every type of user. Convenient User Experience – Enable access to authorized applications wherever they are located with a single, always-on connection. The cloud-native, encrypted overlay network features global PoPs to optimize performance. Central Management and Total Visibility – The cloud-delivered secure access solution frees up IT from managing rules and troubleshooting problems across appliances in multiple locations. -
41
Systancia Identity
Systancia
Systancia Identity, a powerful management of your entire ecosystem's identities and authorizations for all your applications, on premise or cloud. Systancia Identity, formerly Avencis Hpliance, is an identity governance and administration solution. It allows to manage identities, their membership organizations, their authorizations, and possibly their resources (endowments). Its Workflow module allows the management of many different use cases: flow of people, processes, authorization/resources request. it is provided with an agile synchronization engine that easily integrates into your upstream and downstream repositories. It also provides features such as permission certification and separation of privileged duties (SoD), while allowing traceability and visibility of actions performed via its audit and reporting module. Systancia Identity is particularly easy to use once the basic base has been set up and is therefore quickly adopted by users. -
42
Okera
Okera
Okera, the Universal Data Authorization company, helps modern, data-driven enterprises accelerate innovation, minimize data security risks, and demonstrate regulatory compliance. The Okera Dynamic Access Platform automatically enforces universal fine-grained access control policies. This allows employees, customers, and partners to use data responsibly, while protecting them from inappropriately accessing data that is confidential, personally identifiable, or regulated. Okera’s robust audit capabilities and data usage intelligence deliver the real-time and historical information that data security, compliance, and data delivery teams need to respond quickly to incidents, optimize processes, and analyze the performance of enterprise data initiatives. Okera began development in 2016 and now dynamically authorizes access to hundreds of petabytes of sensitive data for the world’s most demanding F100 companies and regulatory agencies. The company is headquartered in San Francisco. -
43
frnt
frnt
By leveraging our all-in-one knowledge and workflow automation platform, your frontline retail operators and managers can save up to 25% of their time spent on tasks such as information sourcing, insight gathering, and reporting. frnt was built with medium-to-large retail businesses’ needs in mind. We are helping frontline operation teams to repurpose up to 27,000 hours annually, resulting in a bottom-line improvement of ~4%. frnt was developed following modern security principles, including the zero trust security model, strong authentication practices, the principle of least privilege, and the shift-left approach to incorporating security into design, development, and operations. All frnt access requires authentication via your enterprise’s identity provider. frnt only shows you the information you already have permission to access in the source application. If any permissions change, frnt’s results reflect those changes immediately. -
44
Without effective Active Directory management tools, administrators will struggle to manage critical Microsoft AD environments efficiently. Doing more with less increases the likelihood of accidental changes to AD objects, configurations and Group Policy data that can raise your risk of errors and downtime. The need to enforce internal policies and address compliance regulations only adds to the challenge. Active Administrator is a complete and integrated Microsoft AD management software solution that helps you move faster and more nimbly than with native tools. With a single consolidated view into the management of your AD, you can address Active Directory administration gaps left by native tools and quickly meet auditing requirements and security needs. With integrated AD administration and seamless permissions management, you will maintain business continuity, increase IT efficiency and minimize security risks.
-
45
Calico Enterprise
Tigera
A self-managed, active security platform with full-stack observability for containers and Kubernetes. Calico Enterprise is the industry’s only active security platform with full-stack observability for containers and Kubernetes. Calico Enterprise extends the declarative nature of Kubernetes to specify security and observability as code. This ensures consistent enforcement of security policies and compliance, and provides observability for troubleshooting across multi-cluster, multi-cloud and hybrid deployments. Implement zero-trust workload access controls for traffic to and from individual pods to external endpoints on a per-pod basis, to protect your Kubernetes cluster. Author DNS policies that implement fine-grained access controls between a workload and the external services it needs to connect to, like Amazon RDS, ElastiCache, and more. -
46
Active Roles
One Identity
Simplify identity management and security with visibility of all Entra ID (Azure AD) tenants, Microsoft 365, and Active Directory domains from a single pane of glass. Ensure users and objects have fine-grained privileged access only when they need it with dynamic delegation across your identity landscape. Automate manual processes to increase efficiency and security while accelerating account, group, and directory management. Manage all Active Directory domains, Entra ID (Azure AD), and Microsoft 365 tenants from a single pane of glass with our Microsoft solution. Control access and permissions with dynamic rules, group families, and policies with automation. Manage users, groups, roles, contacts, Microsoft 365 licenses, and objects with configurable workflows and customizable scripts. Seamless integration of Active Roles with AWS Directory Service for a zero-trust least privilege model, access delegation, and synchronized on-prem user data. -
47
Delinea Cloud Suite
Delinea
Simplify user authentication to servers from any directory service, including Active Directory, LDAP, and cloud directories such as Okta. Enforce the principle of least privilege with just-in-time and just enough privilege to minimize the risk of a security breach. Identify abuse of privilege, thwart attacks, and quickly prove regulatory compliance with a detailed audit trail and video recordings. Delinea’s cloud-based SaaS solution applies zero-trust principles to stop privileged access abuse and reduce security risks. Experience elastic scalability and performance, supporting multi-VPCs, multi-cloud, and multi-directory use cases. Single enterprise identity to securely log in anywhere. A flexible, just-in-time model with privilege elevation. Centrally manage security policies for users, machines, and applications. Apply MFA policies consistently across all your regulated and business-critical systems. Watch privileged sessions in real-time and instantly terminate suspicious sessions. -
48
AWS Secrets Manager
Amazon
AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Users and applications retrieve secrets with a call to Secrets Manager APIs, eliminating the need to hardcode sensitive information in plain text. Secrets Manager offers secret rotation with built-in integration for Amazon RDS, Amazon Redshift, and Amazon DocumentDB. Also, the service is extensible to other types of secrets, including API keys and OAuth tokens. In addition, Secrets Manager enables you to control access to secrets using fine-grained permissions and audit secret rotation centrally for resources in the AWS Cloud, third-party services, and on-premises. AWS Secrets Manager helps you meet your security and compliance requirements by enabling you to rotate secrets safely without the need for code deployments.Starting Price: $0.40 per month -
49
ConductorOne
ConductorOne
ConductorOne is a user-friendly, cloud-loving identity security platform that makes access requests, access reviews, and deprovisioning fast, secure, and compliant. The explosion of cloud apps and infrastructure is great for productivity and collaboration. But for security and GRC teams, managing those SaaS identities and permissions is clunky and error-prone. This results in painful audits, over-permissioned users, and increased risk for breaches. ConductorOne’s identity security platform provides seamless automation, a deep bench of integrations, and best-in-class user experience to help you manage the full lifecycle of cloud permissions and access. No more spreadsheets. No more manually pulling data from apps. No more pinging managers and resource owners for access reviews. Quickly and easily automate access reviews. -
50
AWS Directory Service
Amazon
AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft Active Directory (AD), enables your directory-aware workloads and AWS resources to use managed Active Directory (AD) in AWS. AWS Managed Microsoft AD is built on actual Microsoft AD and does not require you to synchronize or replicate data from your existing Active Directory to the cloud. You can use the standard AD administration tools and take advantage of the built-in AD features, such as Group Policy and single sign-on. With AWS Managed Microsoft AD, you can easily join Amazon EC2 and Amazon RDS for SQL Server instances to your domain, and use AWS End User Computing (EUC) services, such as Amazon WorkSpaces, with AD users and groups. AWS Managed Microsoft AD makes it easy to migrate AD-dependent applications and Windows workloads to AWS. With AWS Managed Microsoft AD, you can use Group Policies to manage EC2 instances and run AD-dependent applications in the AWS Cloud.Starting Price: $0.018
