Alternatives to Azure Key Vault
Compare Azure Key Vault alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Azure Key Vault in 2025. Compare features, ratings, user reviews, pricing, and more from Azure Key Vault competitors and alternatives in order to make an informed decision for your business.
-
1
Keeper Security
Keeper Security
Keeper Security is transforming the way people and organizations around the world secure their passwords and passkeys, secrets and confidential information. Keeper’s easy-to-use cybersecurity platform is built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Keeper’s solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by millions of individuals and thousands of organizations globally, Keeper is the leader for best-in-class password and passkey management, secrets management, privileged access, secure remote access and encrypted messaging. Protect what matters at KeeperSecurity.com. -
2
1Password
1Password
1Password is a secure, scalable, and easy-to-use password manager that's trusted by the world's leading companies. Using 1Password makes it easy for your employees to stay safe online. Once 1Password is part of their workflow, good security habits will become second nature. 1Password Advanced Protection is now available with 1Password Business. Set Master Password policies, enforce two-factor authentication team-wide, restrict access with firewall rules, review sign-in attempts and require your team to use the latest version of 1Password. Our award-winning apps are available for Mac, iOS, Linux, Windows, and Android. 1Password syncs seamlessly across devices, so your employees always have access to their passwords. When everyone uses 1Password, your risk goes down — and your productivity goes up.Starting Price: $3.99/month/user -
3
GitGuardian
GitGuardian
GitGuardian is an end-to-end NHI security platform that empowers software-driven organizations to enhance their Non-Human Identity (NHI) security and comply with industry standards. With attackers increasingly targeting NHIs, such as service accounts and applications, GitGuardian integrates Secrets Security and NHI Governance. This dual approach enables the detection of compromised secrets across your dev environments while also managing non human identities and their secrets lifecycle. The platform supports over 450+ types of secrets, offers public monitoring for leaked data, and deploys honeytokens for added defense. Trusted by over 600,000 developers, GitGuardian is the choice of leading organizations like Snowflake, ING, BASF and Bouygues Telecom for robust secrets protection.Starting Price: $0 -
4
SharePass
SharePass
SharePass is a SaaS Secret Management platform that allows sharing and managing secrets and confidential information using a web application, extension, or mobile app. SharePass works with encrypted links transmitted from the sender to the receiver with various settings and flags. The settings include expiry restriction, availability, IP restrictions and an entire filtering funnel (patent pending). SharePass is platform-independent that can be used with your existing communication tools. When it comes to your privacy, SharePass or any of its employees cannot see the content of your secrets; the secrets can be seen only by the exchanging parties. SharePass meets the latest cybersecurity compliance and regulations. In the era of identity theft, SharePass will protect you and prevent your data from leaking to the dark web by eliminating your digital footprint. SharePass supports SSO with Office365, Google Workspace, MFA, and integration with Yubikeys for maximum security.Starting Price: Free -
5
Doppler
Doppler
Stop struggling with scattered API keys, hacking together home-brewed configuration tools, and avoiding access controls. Give your team a single source of truth with Doppler. The best developers automate the pain away. Create references to frequently used secrets in Doppler. Then when they need to change, you only need to update them once. Your team's single source of truth. Organize your variables across projects and environments. The scary days of sharing secrets over Slack, email, git, zip files, are over. After adding a secret, your team and their apps have it instantly. Like git, the Doppler CLI smartly knows which secrets to fetch based on the project directory you are in. Gone are the futile days of trying to keep ENV files in sync! Practice least privilege with granular access controls. Reduce exposure when deploying with read-only service tokens. Contractor needs access to just development? Easy!Starting Price: $6 per seat per month -
6
Alliance Key Manager
Townsend Security
Once data is encrypted, your private information depends on enterprise-level key management to keep that data safe. The solution provides high availability, standards-based enterprise encryption key management to a wide range of applications and databases. Alliance Key Manager is a FIPS 140-2 compliant enterprise key manager that helps organizations meet compliance requirements and protect private information. The symmetric encryption key management solution creates, manages, and distributes 128-bit, 192-bit, and 256-bit AES keys for any application or database running on any Enterprise operating system. Encryption keys can be restricted based on several criteria. The most permissive level requires a secure and authenticated TLS session to the key server. Individual encryption keys can be restricted to users, groups, or specific users in groups. Enterprise-wide groups can be defined and keys can be restricted to Enterprise users, groups, or specific users in groups.Starting Price: $4,800 one-time payment -
7
Akeyless Vault
Akeyless
Akeyless is a cloud-native SaaS platform that secures the entire lifecycle of machine identities, credentials, certificates, and keys, eliminating complex and burdensome vault management, resulting in up to a 70% reduction in costs. The platform uses Distributed Fragments Cryptology (DFC™) to ensure zero knowledge—secrets are created as distributed fragments in the cloud and never found in one place. Akeyless is fast to deploy, requires no maintenance, is built for automation, and offers infinite scaling capabilities regardless of the number of environments, regions, or clouds, leading to a 270% higher adoption rate compared to vaults. Akeyless also strengthens AI pipelines from end to end by centralizing authentication, secrets management, certificate automation, and policy enforcement so AI agents can work securely and efficiently without relying on embedded credentials. -
8
HashiCorp Vault
HashiCorp
Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API. Secure applications and systems with machine identity and automate credential issuance, rotation, and more. Enable attestation of application and workload identity, using Vault as the trusted authority. Many organizations have credentials hard coded in source code, littered throughout configuration files and configuration management tools, and stored in plaintext in version control, wikis, and shared volumes. Safeguarding and ensuring that a credentials isn’t leaked, or in the likelihood it is, that the organization can quickly revoke access and remediate, is a complex problem to solve. -
9
Fortanix Data Security Manager
Fortanix
Minimize expensive data breaches and accelerate regulatory compliance with a data-first approach to cybersecurity. The Fortanix DSM SaaS offering is purpose-built for the modern era to simplify and scale data security deployments. It is protected by FIPS 140-2 Level 3 confidential computing hardware and delivers the highest security and performance standards. The DSM accelerator is an optional add-on to achieve the highest performance for latency-sensitive applications. A Single System of Record and Pane of Glass for Crypto Policy, Key Lifecycle Management, and Auditing in a Scalable SaaS Solution That Makes Data Security a Breeze. -
10
Use keys to protect the secrets, personal data, and sensitive information you store in the cloud. Create and delete keys, set up access policies, and perform rotation via the management console, CLI, or API. Yandex KMS implements symmetric and asymmetric cryptography. Use the REST or RPC API to encrypt and decrypt small amounts of data, such as secrets and local encryption keys, as well as to sign data using e-signature schemes. You manage access to encrypted data, and Yandex KMS ensures the reliability and physical security of keys. Hardware Security Modules (HSMs) are available. Encrypt small amounts of data using the SDK in Java or Go. To encrypt larger amounts of data, the service is integrated with popular encryption libraries, including the AWS Encryption SDK and Google Tink. Integration with Yandex Lockbox makes it possible to encrypt secrets with your own keys. Secrets and data can also be protected using encryption keys in Managed Service for Kubernetes.Starting Price: $0.0230 per month
-
11
CyberArk Machine Identity Security
CyberArk
CyberArk Machine Identity Security provides comprehensive protection for all machine identities, including secrets, certificates, workload identities, and SSH keys. The platform offers centralized visibility and scalable automation to secure these non-human identities throughout their lifecycle. Designed to help organizations reduce risk and maintain resilience, CyberArk ensures secure machine identity management across on-premises, cloud, and hybrid environments. -
12
Bravura Safe
Bravura Security
Bravura Safe is a zero-knowledge secret and passwords manager that centrally, consistently, and securely manages decentralized passwords, and secrets so your employees don't have to. It complements core password management solutions that organizations already use. Bravura Safe leverages two decades of Bravura Security’s enterprise cybersecurity solutions. Employees can securely send time-bound passwords for new accounts, encryption keys for files, or entire files without them being leaked or intercepted, and with only one password to their Bravura Safe to remember. The recent rising threat of organizational insiders being paid to help in cyberattacks combined with notoriously bad secret and password hygiene at an individual level is a cause for cybersecurity leaders to be concerned. While IT teams have focused on implementing strong SSO, password management, identity and even privileged access management solutions, the work-from-home world has caused shadow IT to explode. -
13
Entropy Keycrypt
Quantum Entropy
Protect your essential digital assets with Entropy, offering a seamless and secure transition to your trusted circle in unforeseen circumstances. User-Friendly Security Entropy enables you to securely partition important information into discrete shares, each of which reveals nothing about your secret without the others. Distribute these to a select group of trusted individuals, who can then store them offline for added security. Long-Term Resilience With its robust security features, including 256-bit encryption, Entropy is well-suited for durable, decentralized offline storage, safeguarding your data from both online and specific offline threats.Starting Price: $24.99 -
14
HUB Vault HSM
HUB Security
Hub Security’s Vault HSM goes well beyond the average run-of-the-mill key management solution. HUB as a platform not only protects, isolates and insures your company’s data, but also provides the infrastructure you need to access and use it securely. With the ability to set custom internal policies and permissions, organisations big or small can now use the HUB platform to defend against ongoing threats to their security’s IT infrastructure. The HUB Vault HSM is an ultra-secure hardware and software confidential computing platform, made to protect your most valuable applications, data and sensitive organizational processes. The programmable and customizable MultiCore HSM platform enables companies a simple, flexible and scalable digital transformation to the cloud. The HUB Security Mini HSM device is compliant to FIPS level 3, enabling an ultra secure remote access to the HUB Vault HSM. -
15
Keyfactor Command
Keyfactor
Join the world’s leading enterprises running on the most complete and scalable managed PKI as-a-Service. Get all the advantages of PKI without the complexity. Whether it is securing your network, sensitive data, or connected devices, you turn to PKI as the proven technology to establish trust. But building and running your PKI is a complex and expensive undertaking. Getting it right is critical, but it’s not an easy feat. Finding and retaining the right people with the right skillsets, adherence to industry standards, and the expense of hardware and software required to run a robust PKI are all serious challenges — not to mention all that is at stake when something goes wrong. Easily organize and manage your inventory and set proactive alerts to notify users of expired or non-compliant certificates before they become a headache. -
16
ManageEngine Key Manager Plus is a web-based key management solution that helps you consolidate, control, manage, monitor, and audit the entire life cycle of SSH (Secure Shell) keys and SSL (Secure Sockets Layer) certificates. It provides visibility into the SSH and SSL environments and helps administrators take total control of the keys to preempt breaches and compliance issues. Similarly, managing a Secure Socket Layer (SSL) environment can be daunting when organizations use a large number of SSL certificates issued by different vendors with varying validity periods. On the other hand, SSL certificates left unmonitored and unmanaged could expire, or rogue/invalid certificates could be used. Both scenarios could lead to service downtime or display of error messages that would destroy customer trust in data security and, in extreme cases, even result in security breaches.Starting Price: $595 per year
-
17
AWS Key Management Service
Amazon
AWS Key Management Service (KMS) is a managed service that facilitates the creation and control of cryptographic keys used to protect your data. It provides centralized management of keys and policies across integrated services and applications, allowing you to define permissions and monitor key usage. AWS KMS integrates with other AWS services, enabling seamless encryption of data stored within these services and control over access to the keys that decrypt it. Developers can utilize the AWS Encryption SDK to incorporate encryption and digital signature functionalities directly into their application code. AWS KMS supports the generation and verification of hash-based message authentication codes to ensure message integrity and authenticity. The service employs hardware security modules validated under the U.S. National Institute of Standards and Technology (NIST) Federal Information Processing Standards (FIPS) 140-2 Cryptographic Module Validation Program. -
18
Delinea Secret Server
Delinea
Protect your privileged accounts with our enterprise-grade Privileged Access Management (PAM) solution. Available both on-premise or in the cloud. Get up and running fast with solutions for privileged account discovery, turnkey installation and out-of-the-box auditing and reporting tools. Manage multiple databases, software applications, hypervisors, network devices, and security tools, even in large-scale, distributed environments. Create endless customizations with direct control to on-premise and cloud PAM. Work with professional services or use your own experts. Secure privileges for service, application, root, and administrator accounts across your enterprise. Store privileged credentials in an encrypted, centralized vault. Identify all service, application, administrator, and root accounts to curb sprawl and gain a full view of your privileged access. Provision and deprovision, ensure password complexity and rotate credentials. -
19
Thales Data Protection on Demand
Thales Cloud Security
The award-winning Thales Data Protection on Demand (DPoD) is a cloud‑based platform providing a wide range of cloud HSM and key management services through a simple online marketplace. Deploy and manage key management and hardware security module services, on‑demand and from the cloud. Security is now simpler, more cost-effective, and easier to manage because there is no hardware to buy, deploy, and maintain. Just click and deploy the services you need in the Data Protection on Demand marketplace, provision users, add devices, and get usage reporting in minutes. Data Protection on Demand is cloud agnostic, so regardless of whether you use Microsoft Azure, Google, IBM, or Amazon Web Services or a combination of cloud and on-premises solutions, you are always in control of your encryption keys. There is no hardware or software to buy, support, and update, so you don’t have any capital expenditures. -
20
InPrivy
InPrivy
Easily share sensitive information with co-workers, clients, friends, and family. Use InPrivy to share passwords and other sensitive information in a secure way. Prevent your confidential data to remain fully visible in email conversations or chats. Sharing private notes, passwords, API keys, credit card information or any other kind of sensitive data should be done in a safe way. When sending them via email or messengers, your data remains visible and accessible for a long time. Start sharing the secure way, and use InPrivy. No ads, no excessive user tracking, and made in Germany. We ensure robust protection of your sensitive information. Use anywhere on the web, without installing any apps. You are the only one who knows the link to the secret information you created. Give it to the person who should see it. The links are encrypted with SSL and can only be used once by default. The secret information is also kept safe using strong AES-256 encryption.Starting Price: €30 per year -
21
IBM Cloud Hyper Protect Crypto Services is an as-a-service key management and encryption solution, which gives you full control over your encryption keys for data protection. Experience a worry-free approach to multi-cloud key management through the all-in-one as-a-service solution and benefit from automatic key backups and built-in high availability to secure business continuity and disaster recovery. Manage your keys seamlessly across multiple cloud environments create keys securely and bring your own key seamlessly to hyperscalers such as Microsoft Azure AWS and Google Cloud Platform to enhance the data security posture and gain key control. Encrypt integrated IBM Cloud Services and applications with KYOK. Retain complete control of your data encryption keys with technical assurance and provide runtime isolation with confidential computing. Protect your sensitive data with quantum-safe measures by using Hyper Protect Crypto Services' Dillithium.
-
22
iSecurity Field Encryption
Raz-Lee Security
iSecurity Field Encryption protects sensitive data using strong encryption, integrated key management and auditing. Encryption is vital for protecting confidential information and expediting compliance with PCI-DSS, GDPR, HIPAA, SOX, other government regulations and state privacy laws. Ransomware attacks any file it can access including connected devices, mapped network drivers, shared local networks, and cloud storage services that are mapped to the infected computer. Ransomware doesn’t discriminate. It encrypts every data file that it has access to, including the IFS files. Anti-Ransomware quickly detects high volume cyber threats deployed from an external source, isolates the threat, and prevents it from damaging valuable data that is stored on the IBM i while preserving performance. -
23
Enigma Vault
Enigma Vault
Enigma Vault is your PCI level 1 compliant and ISO 27001 certified payment card, data, and file easy button for tokenization and encryption. Encrypting and tokenizing data at the field level is a daunting task. Enigma Vault takes care of all of the heavy liftings for you. Turn your lengthy and costly PCI audit into a simple SAQ. By storing tokens instead of sensitive card data, you greatly mitigate your security risk and PCI scope. Using modern methods and technologies, searching millions of encrypted values takes just milliseconds. Fully managed by us, we built a solution to scale with you and your needs. Enigma Vault encrypts and tokenizes data of all shapes and sizes. Enigma Vault offers true field-level protection; instead of storing sensitive data, you store a token. Enigma Vault provides the following services. Enigma Vault takes the mess out of crypto and PCI compliance. You no longer have to manage and rotate private keys nor deal with complex cryptography. -
24
Entro
Entro Security
Non-Human Identity & Secrets Security Platform. A pioneer in non-human identity management, Entro enables organizations to securely utilize non-human identities and secrets, overseeing their usage and automating their lifecycle from inception to rotation. Secrets-based cyber attacks are devastating and growing as more and more secrets are created by R&D teams and spread across various vaults and repositories with no real secret management, monitoring, or security oversight. Streamline and secure your non-human identity lifecycle management. With Entro, security teams can now oversee and protect Non-human identities with automated lifecycle management and seamless integration, ensuring comprehensive security & compliance through a unified interface. -
25
Google Cloud Key Management
Google
Scale your security globally. Scale your application to Google’s global footprint while letting Google worry about the challenges of key management, including managing redundancy and latency. Help achieve your compliance requirements: Easily encrypt your data in the cloud using software-backed encryption keys, certified FIPS 140-2 Level 3 validated HSMs, customer-provided keys or an External Key Manager. Leverage from integration with Google Cloud products. Use customer-managed encryption keys (CMEK) to control the encryption of data across Google Cloud products while benefiting from additional security features such as Google Cloud IAM and audit logs. A cloud-hosted key management service that lets you manage symmetric and asymmetric cryptographic keys for your cloud services the same way you do on-premises. You can generate, use, rotate, and destroy AES256, RSA 2048, RSA 3072, RSA 4096, EC P256, and EC P384 cryptographic keys. -
26
Hemmelig.app
Hemmelig.app
Hemmelig lets you share secrets securely with encrypted messages that automatically self-destruct after being read. Paste a password, confidential message, or private data. Ensure your sensitive data remains encrypted, secure, and confidential. The secret link, by default, is a one-time use only, after which it will vanish. Hemmelig, [he`m:(ə)li], means secret in Norwegian.Starting Price: Free -
27
Yandex Lockbox
Yandex
Create secrets in the management console or using the API. Your secrets are safely stored in one place, easily integrated with your cloud services, and accessible via external systems over the gRPC or REST API. Encrypt your secrets using Yandex Key Management Service keys. Secrets are only stored in encrypted form. You can choose pre-configured service roles to ensure granular access to your secrets. Set up access permissions to read or manage your secret or its metadata. Create a secret, select a Key Management Service (KMS) key, and securely store your login-password pairs and other sensitive information. A secret may contain any of your confidential information, e.g. a login-password pair, server certificate keys, or cloud service account keys. Each secret stored by the service can have multiple versions of stored data. The service stores this data securely in encrypted form. All secrets are replicated in three availability zones.Starting Price: $0.0277 per 10000 operations -
28
Knox
Pinterest
Knox is a secret management service. Knox is a service for storing and rotation of secrets, keys, and passwords used by other services. Pinterest has a plethora of keys or secrets doing things like signing cookies, encrypting data, protecting our network via TLS, accessing our AWS machines, communicating with our third parties, and many more. If these keys become compromised, rotating (or changing our keys) used to be a difficult process generally involving a deploy and likely a code change. Keys/secrets within Pinterest were stored in git repositories. This means they were copied all over our company's infrastructure and present on many of our employees laptops. There was no way to audit who accessed or who has access to the keys. Knox was built to solve these problems. Ease of use for developers to access/use confidential secrets, keys, and credentials. Confidentiality for secrets, keys, and credentials. Provide mechanisms for key rotation in case of compromise. -
29
SecretHub
SecretHub
Upgrade security throughout the stack with a unified secrets management platform that every engineer can use – from admin to intern. Putting passwords and API keys in source code creates a security risk. But handling them properly creates complexity that makes it extremely cumbersome to deploy. Git, Slack, and email are designed to share information, not to keep secrets. Copy-pasting values and waiting on that one admin who holds all the keys simply don't scale when you're deploying software multiple times a week. It's impossible to track who accessed what secrets at what time, making compliance audits a nightmare. Eliminate secrets in source code by replacing plaintext values with a reference to the secret. SecretHub then automatically loads secrets into your app the moment it starts. Use the CLI to encrypt and store secrets and then simply tell the code where to look for the secret. Your code is now free of secrets and can be shared with everyone on your team.Starting Price: $99 per month -
30
qProtect
QuintessenceLabs
qProtect™ delivers powerful data protection for the most sensitive and critical assets, particularly when they are in uncontrolled environments. It offers a much-needed practical solution for the protection of critical mobile data. Capabilities include automatic secure erasure of one-time key material when recording data, and “virtual zeroization”, to protect confidential information wherever it is, now and into the future. Our product portfolio and strong technical partnerships deliver broad security capabilities for the strongest security posture, today and tomorrow. QuintessenceLabs quantum-enabled solutions integrate with today’s encryption technologies. Centralized and vendor-neutral encryption key management solution. Designed to easily address the toughest challenges in key management. Crypto agile is adaptable to quantum-resistant algorithms. The point-to-point protocol that uses specialized hardware to share secret keys over an optical link. -
31
Password.link
Password.link
The link can only be opened once. This ensures nobody has opened it before the recipient and nobody can open it again afterward. The encrypted secret is deleted from our database when it has been viewed. There's no way to view it again. Sending secrets in plain text exposes them to threats even after the message has been long forgotten. Using a one-time link ensures that there are no valid credentials lying around in email inboxes or archived instant messages. Half of the encryption key is stored in the link itself and never seen by us or anyone else. Viewing the secret is not possible without the original link. Using our service you can create a one-time link to the credentials and be sure nobody sees them before the recipient. You can also configure notifications to be sent via different channels so you know when the credentials have been viewed, and by who.Starting Price: €8.99 per month -
32
WALLIX Bastion
WALLIX
Easy to use and deploy, the WALLIX Bastion PAM solution delivers robust security and oversight over privileged access to critical IT infrastructure. Reduce the attack surface, secure remote access, and meet regulatory compliance requirements with simplified Privileged Access Management. WALLIX Bastion delivers leading session management, secrets management, and access management features to secure IT and OT environments, enable Zero Trust and Just-In-Time policies, and to protect internal and external access to sensitive data, servers, and networks in industries ranging from healthcare to finance to industry and manufacturing. Adapt to the digital transformation with secure DevOps thanks to AAPM (Application-to-Application Password Management). WALLIX Bastion is available both on-premise and in cloud environments for complete flexibility, scalability, and the lowest market total cost of ownership. WALLIX Bastion PAM natively integrates with a full suite of security solutions -
33
Strongbox
Strongbox
Strongbox provides best in class secure password management helping you keep your data secret. Protecting you from digital attacks by using recognized best practices, military grade cryptography, and industry standard formats. Strongbox not only secures your data but provides a beautiful native experience on iPhones, iPad’s and Macs. The ultimate KeePass iOS password manager. Strongbox is a native App on both iOS and MacOS platforms. This means it looks and feels just like an App should. Designed with Apple’s human interface guidelines in mind and using standard UI paradigms, controls, colours and integrations, Strongbox just feels native. AutoFill integration means you never have to leave Safari or your other Apps to fill in a password, just tap the Strongbox suggestion above your keyboard, authenticate and you’re done. Use Face ID to automatically unlock your database, being secure has never been so convenient.Starting Price: $2.49 per month -
34
KeyScaler
Device Authority
KeyScaler® is a purpose-built device identity centric IAM platform for IoT and Blockchain. It allows customers to securely register, provision and connect devices to IoT platforms, applications and services. The platform simplifies the process of establishing a robust, end-to-end security architecture within the IoT and deliver efficiencies at scale through security automation, without human intervention. With the enormous and dynamic scale of the IoT where new devices are continually being provisioned, this process rapidly becomes unmanageable without automation. The IoT demands an approach to identification that starts with individual devices – authenticated automatically and dynamically, with no manual intervention required. Device Authority has developed a flexible device interface protocol that interoperates with KeyScaler® for delivering automated PKI for IoT devices - providing two alternatives for device authentication. -
35
Salesforce Shield
Salesforce
Natively encrypt your most sensitive data at rest across all of your Salesforce apps with platform encryption. Ensure data confidentiality with AES 256-bit encryption. Bring your own encryption keys and manage your key lifecycle. Protect sensitive data from all Salesforce users including admins. Meet regulatory compliance mandates. See who is accessing critical business data, when, and from where with event monitoring. Monitor critical events in real-time or use log files. Prevent data loss with transaction security policies. Detect insider threats and report anomalies. Audit user behavior and measure custom application performance. Create a forensic data-level audit trail with up to 10 years of history, and set triggers for when data is deleted. Expand tracking capabilities for standard and custom objects. Obtain extended data retention capabilities for audit, analysis, or machine learning. Meet compliance requirements with automated archiving.Starting Price: $25 per month -
36
Zoho Vault
Zoho
Say goodbye to memorizing passwords. Let us do it for you. Zoho Vault is a secure password manager that safely manages your passwords and autofills them across websites and applications. Unlimited password storage, seamless autofill, fine-grained admin controls–Vault has it all. Get clear security insights into both your personal and business passwords. Identify any weak passwords and change them in just a few clicks. Securely store, share, and manage passwords with different levels of access privileges. You can also add notes, documents, credit cards, software licenses, SSH keys, and more to your password vault. Organize passwords and other confidential data into groups as folders and sub-folders for easy password management and bulk-sharing. Allow users to log in to their everyday apps without passwords. Our catalog readily supports hundreds of popular cloud apps, as well as options for custom integration.Starting Price: $1 per month -
37
StrongKey
StrongKey
StrongKey has been in the PKI business for almost 20 years, with implementations across the globe in a diverse range of applications. StrongKey Tellaro provides a full public key infrastructure (PKI) platform for managing keys and digital certificates. With a built-in hardware security module (HSM) and EJBCA server, customers are able to issue digital certificates with our Tellaro E-Series based on securely generated public keys. Private keys are generated and stored within the HSM. Our PKI management solution integrates with TLS/SSL, identity access management (IAM), digital signature, secrets management, and device management systems. StrongKey Tellaro is a comprehensive software suite that provides strong authentication, encryption, tokenization, PKI management, and digital signature management. Our open-source software includes a FIDO® Certified FIDO2 server, and we support flexible data center and cloud deployment models. -
38
CertiNext
eMudhra
A Certificate Lifecycle Management (CLM) with built-in Key Management. Generate and Rotate Keys Seamlessly. Encrypt & Decrypt Data Securely. CertiNext supports all AES, RSA and ECDSA keys for your key management needs to ensure that your keys, and hence, your data remains protected, always. CertiNext Key Management comes with KMIP support to help you automate key management straight from CertiNext and ensure your ecosystem is always secure. Manage your key rotation policies straight from the dashboard. Lost your keys? No problem, you can easily recover and/or reissue your lost keys CertiNext is flexible to allow you to store your keys in encrypted form within your App Server or alternately, store in secure hardware. You can even manage how keys get distributed to address your business requirements from the dashboard. -
39
Comodo Certificate Manager
Comodo
Advanced Certificate Issuance And Lifecycle Management. Discover and manage all your SSL Digital Certificates automatically. Secure, reliable and centralized management platform. Helps you self-administer, instantly provision and control all SSL/PKI. Expired SSL certificates can cause systems to break, services to go down, and trust in your business to wane. Keeping track of digital certificates and their renewal dates is a big job and it's going to get harder. Need for a mechanism to administer certificates effectively. Flexible and reliable system for digital certificate issuance and lifecycle management. Centralizes and automates management of cryptographic keys and digital certificates. Ensures that certificates do not expire unexpectedly. Secure, tiered cloud-based administration. Microsoft Active Directory integration. Certificate Discovery Tool finds all certificates no matter who issued them. Administrative protection using two-factor authentication and IP address validation. -
40
Unbound CORE Identity Security
Unbound Security
Authenticate users and machines and protect PKI – seamlessly across all locations and devices. Create virtual enclaves for mobile and for desktop with maximum security and without sacrificing the user experience. Authenticate user access and identify simply and securely with CORE virtual secure enclave SDK. Mobile, desktop, or server-side enabled – CORE keeps credentials safe even if the user’s personal device is compromised. Build virtual smartcards, protect mobile apps, and more with pure software agility. Integrate strong two-factor and multi-factor authentication into a mobile app – no hardware, no one-time password, no software token required. Replace traditional smartcards with virtual ones to authenticate employees and reduce operational strain and total cost of ownership. Protect machine and human electronic identities and the root certificate authority which oversees them. Protecting PII with maximum security, best user experience. -
41
EncryptRIGHT
Prime Factors
EncryptRIGHT simplifies application-level data protection, delivering robust encryption, tokenization, dynamic data masking, and key management functionality, along with role-based data access controls and a data-centric security architecture, to secure sensitive data and enforce data privacy. EncryptRIGHT is architected to deploy quickly with very little integration effort and scale from a single application to thousands of applications and servers on premises or in the cloud. Our unique Data-Centric Security Architecture allows information security teams to comprehensively define an EncryptRIGHT Data Protection Policy (DPP) and to bind the policy to data itself, protecting it regardless of where the data is used, moved or stored. Programmers do not need to have cryptography expertise to protect data at the application layer – they simply configure authorized applications to call EncryptRIGHT and ask for data to be appropriately secured or unsecured in accordance with its policy.Starting Price: $0 -
42
Secure and Protect Privileged Accounts, Sessions and Credentials. Everywhere! RevBits Privileged Access Management is a six-in-one solution that includes privileged access, privileged session, password, service accounts, key and certificate management, as well as extensive session logging that captures keystrokes and video. RevBits Privileged Access Management native clients are available for common operating systems. As an organization’s need for comprehensive access management grows, the expansion of onboarding vendors will also increase. RevBits Privileged Access Management is built to provide comprehensive access management while reducing the growth in vendor onboarding. With five integrated access management modules in one solution, organizations are in control. Product Features:- Hardware Tokens Comprehensive Platform Coverage Customizable Password Management Extensive Audit Logs Access Granting Workflow Ephemeral Passwords Complete Key Management SSL Scanner
-
43
Ubiq
Ubiq Security
Encrypt your most sensitive data before it leaves the application, so the storage layer – and adversaries – only ever see ciphertext. Application-native client-side encryption protects data from sophisticated attackers, supply-chain attacks, and insider threats. Most at-rest encryption solutions – transparent disk encryption, full disk encryption, etc. – are ineffective against modern threats because they grant admins, key processes, and attackers (who exploit privileged access) implicit access to plaintext data. Eliminate this gap and bridge the divide between engineering, security, and compliance teams with Ubiq’s developer-first, encryption-as-code platform. Lightweight, prepackaged code and open source encryption libraries that quickly integrate into any application type for native client-side encryption and set-and-forget key management.Starting Price: $0.001 per encrypt -
44
AWS Secrets Manager
Amazon
AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Users and applications retrieve secrets with a call to Secrets Manager APIs, eliminating the need to hardcode sensitive information in plain text. Secrets Manager offers secret rotation with built-in integration for Amazon RDS, Amazon Redshift, and Amazon DocumentDB. Also, the service is extensible to other types of secrets, including API keys and OAuth tokens. In addition, Secrets Manager enables you to control access to secrets using fine-grained permissions and audit secret rotation centrally for resources in the AWS Cloud, third-party services, and on-premises. AWS Secrets Manager helps you meet your security and compliance requirements by enabling you to rotate secrets safely without the need for code deployments.Starting Price: $0.40 per month -
45
Privakey
Privakey
Privakey’s transaction intent verification provides a secure channel to streamline high risk exchanges between services and their users. Now available as a cloud service. Fraud is everywhere yet so is your competition. Enterprises are constantly seeking to delight their customers while balancing experience and security. It’s a challenging problem that’s getting tougher every year. So how can you securely engage with your customers, and gain their trust of you during sensitive exchanges, in a way that doesn’t add frustration to the process? The answer is Privakey. Transaction intent verification (TIV) is the combination of strong identity assurance and contextual response into one intuitive user experience. Common examples of TIV include payment confirmations, wire transfer approvals and account update acknowledgements. Our solution utilizes asymmetric cryptography, mobile biometrics and secure notifications to ensure the integrity of every exchange. -
46
Box KeySafe
Box
Securely manage your own encryption keys. With Box KeySafe, you have complete, independent control over your encryption keys. All key usage is unchangeable and includes a detailed record of key usage, so you can track exactly why your organization’s keys are being accessed — with no impact on user experience. If you ever see suspicious activity, your security team can cut off access to the content at any time. And it's all on top of the enterprise-grade security and compliance you get with the leading Content Cloud. We leverage Key Management Services (KMS) from Amazon Web Services (AWS) and Google Cloud Platform (GCP) to help you manage your encryption keys. Box KeySafe supports AWS KMS Custom Key Store and GCP Cloud HSM KMS to provide the control and protection of a dedicated hardware security module (HSM), without requiring you to manage any hardware.Starting Price: $130 per month -
47
Vaultody
Vaultody
Vaultody is an advanced digital security platform designed to protect and manage digital assets with cutting-edge technology. Combining Secure Multiparty Computation (MPC) and encryption, Vaultody safeguards cryptocurrencies, private keys, certificates, and sensitive data from unauthorized access and cyber threats. Tailored for businesses and financial institutions, Vaultody offers comprehensive enterprise key management, enabling seamless, secure transactions and asset control from anywhere in the world. With global accessibility, multi-signature authentication, and powerful automation, Vaultody provides unparalleled protection, making it the ultimate solution for secure, efficient digital asset managementStarting Price: $299 -
48
KMS leverages a third-party certified hardware security module (HSM) to generate and protect keys, and utilizes secure data transfer protocols, distributed clustered service deployment and hot backup for guaranteed availability. The security and quality control practices adopted by KMS are accredited by multiple compliance schemes. The Key Management Service provides you with rich management features, including key creation, enabling, disabling, rotation settings, alias settings, viewing key details, and modifying related information. KMS console is integrated with CAM and Cloud Monitor, enabling you to create keys easily for access control. Management operations and keys usages are also logged. KMS allows you to use your own key to encrypt and decrypt sensitive data by implementing Bring Your Own Key (BYOK) solution.
-
49
Virtru
Virtru
Easily control access to sensitive data flowing in and out of your organization via email, file sharing, and other applications. All powered by the Trusted Data Format and Virtru’s industry-leading platform for Zero Trust Data Control. Virtru integrates natively within the apps your teams already use, securing workflows in Google, Microsoft 365, Salesforce, Zendesk, and more. We make military-grade encryption accessible to everyone. Deploy Virtru across your organization in less than a day and meet your compliance goals. Granular access controls safeguard your most valuable asset — your data — throughout its entire lifecycle, everywhere it travels. Collaborate securely in Docs, Sheets, and Slides. Store and share files in Drive. Message via Gmail and Google Meet. Secure messages flowing through enterprise and custom apps. Seamlessly protect emails and files shared via Outlook. -
50
Keywhiz
Keywhiz
Keywhiz is a system for managing and distributing secrets. It can fit well with a service oriented architecture (SOA). Here is an overview in presentation format. Common practices include putting secrets in config files next to code or copying files to servers out-of-band. The former is likely to be leaked and the latter difficult to track. Keywhiz makes managing secrets easier and more secure. Keywhiz servers in a cluster centrally store secrets encrypted in a database. Clients use mutually authenticated TLS (mTLS) to retrieve secrets they have access to. Authenticated users administer Keywhiz via CLI. To enable workflows, Keywhiz has automation APIs over mTLS. Every organization has services or systems that require secrets. Secrets like TLS certificates/keys, GPG keys, API tokens, database credentials. Keywhiz is reliable and used in production, however occasional changes may break API backward compatibility.