Alternatives to CyberArk Machine Identity Security
Compare CyberArk Machine Identity Security alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to CyberArk Machine Identity Security in 2026. Compare features, ratings, user reviews, pricing, and more from CyberArk Machine Identity Security competitors and alternatives in order to make an informed decision for your business.
-
1
GitGuardian
GitGuardian
GitGuardian is an end-to-end NHI security platform that empowers software-driven organizations to enhance their Non-Human Identity (NHI) security and comply with industry standards. With attackers increasingly targeting NHIs, such as service accounts and applications, GitGuardian integrates Secrets Security and NHI Governance. This dual approach enables the detection of compromised secrets across your dev environments while also managing non human identities and their secrets lifecycle. The platform supports over 450+ types of secrets, offers public monitoring for leaked data, and deploys honeytokens for added defense. Trusted by over 600,000 developers, GitGuardian is the choice of leading organizations like Snowflake, ING, BASF and Bouygues Telecom for robust secrets protection.Starting Price: $0 -
2
SharePass
SharePass
SharePass is a SaaS Secret Management platform that allows sharing and managing secrets and confidential information using a web application, extension, or mobile app. SharePass works with encrypted links transmitted from the sender to the receiver with various settings and flags. The settings include expiry restriction, availability, IP restrictions and an entire filtering funnel (patent pending). SharePass is platform-independent that can be used with your existing communication tools. When it comes to your privacy, SharePass or any of its employees cannot see the content of your secrets; the secrets can be seen only by the exchanging parties. SharePass meets the latest cybersecurity compliance and regulations. In the era of identity theft, SharePass will protect you and prevent your data from leaking to the dark web by eliminating your digital footprint. SharePass supports SSO with Office365, Google Workspace, MFA, and integration with Yubikeys for maximum security.Starting Price: Free -
3
Doppler
Doppler
Stop struggling with scattered API keys, hacking together home-brewed configuration tools, and avoiding access controls. Give your team a single source of truth with Doppler. The best developers automate the pain away. Create references to frequently used secrets in Doppler. Then when they need to change, you only need to update them once. Your team's single source of truth. Organize your variables across projects and environments. The scary days of sharing secrets over Slack, email, git, zip files, are over. After adding a secret, your team and their apps have it instantly. Like git, the Doppler CLI smartly knows which secrets to fetch based on the project directory you are in. Gone are the futile days of trying to keep ENV files in sync! Practice least privilege with granular access controls. Reduce exposure when deploying with read-only service tokens. Contractor needs access to just development? Easy!Starting Price: $6 per seat per month -
4
Sonrai Security
Sonraí Security
Identity and Data Protection for AWS, Azure, Google Cloud, and Kubernetes. Sonrai’s public cloud security platform provides a complete risk model of all identity and data relationships, including activity and movement across cloud accounts, cloud providers, and 3rd party data stores. Uncover all identity and data relationships between administrators, roles, compute instances, serverless functions, and containers across multi-cloud accounts and 3rd-party data stores. Inside the platform, our critical resource monitor continuously monitors your critical data sitting inside object stores (e.g. AWS S3, Azure Blob) and database services (e.g. CosmosDB, Dynamo DB, RDS). Privacy and compliance controls are monitored across multiple cloud providers and 3rd party data stores. Resolutions are coordinated with relevant DevSecOps teams. -
5
SentinelOne Singularity
SentinelOne
One intelligent platform. Unprecedented speed. Infinite scale. Singularity™ enables unfettered visibility, industry-leading detection, and autonomous response. Discover the power of AI-powered, enterprise-wide cybersecurity. The world’s leading enterprises use the Singularity platform to prevent, detect, and respond to cyber attacks at machine-speed, greater scale, and higher accuracy across endpoint, cloud, and identity. SentinelOne delivers cutting-edge security with this platform by offering protection against malware, exploits, and scripts. SentinelOne cloud-based platform has been perfected to be innovative compliant with security industry standards, and high-performance whether the work environment is Windows, Mac or Linux. Thanks to constant updating, threat hunting, and behavior AI, the platform is ready for any threat.Starting Price: $45 per user per year -
6
CertSecure Manager
Encryption Consulting LLC
An all-in-one solution for certificate management that helps to automate and seamlessly manage all certificates across different Cloud Environments, On-Premises, Hybrid IT Environments and Kubernetes Clusters. It manages certificates during entire lifecycle including certificate issuance, monitoring, renewal and revocation. -
7
CodeSign Secure
Encryption Consulting LLC
Our platform guarantees unmatched security and high performance for all your cryptographic needs, ensuring the integrity and authenticity of your software. CodeSign Secure provides advanced insights, cloud-based HSM key management, and policy enforcement for robust practices. Experience seamless integration with Dev Ops CI/CD and streamlined workflows for hands-free code signing. -
8
Token Security
Token Security
Token Security accelerates secure enterprise adoption of Agentic AI by discovering, managing, and governing every AI agent and non-human identity across the organization. From continuous visibility to least-privilege enforcement and lifecycle management, Token Security provides complete control over AI and machine identities, eliminating blind spots, reducing risk, and ensuring compliance at scale. -
9
Akeyless Identity Security Platform
Akeyless
Akeyless delivers identity security for an era shaped by automation and AI. The cloud-native platform secures machines, AI agents, and human access across hybrid, multi-cloud, and on-prem environments. It provides a practical path to secretless, identity-based access through secrets management, certificate lifecycle management and PKI, PAM, and unified governance. Akeyless is built on a cryptography foundation that combines encryption, key management, and Distributed Fragments Cryptography to keep sensitive material under customer control and protected from post-quantum threats. With integrations for cloud IAM, Kubernetes, CI/CD, and MCP-based AI agent workflows, teams can adopt and scale AI agents securely without expanding risk. Akeyless Jarvis™ delivers identity intelligence to surface risky access and strengthen oversight. -
10
HashiCorp Vault
HashiCorp
Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API. Secure applications and systems with machine identity and automate credential issuance, rotation, and more. Enable attestation of application and workload identity, using Vault as the trusted authority. Many organizations have credentials hard coded in source code, littered throughout configuration files and configuration management tools, and stored in plaintext in version control, wikis, and shared volumes. Safeguarding and ensuring that a credentials isn’t leaked, or in the likelihood it is, that the organization can quickly revoke access and remediate, is a complex problem to solve. -
11
AWS Certificate Manager
Amazon
AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources. SSL/TLS certificates are used to secure network communications and establish the identity of websites over the Internet as well as resources on private networks. AWS Certificate Manager removes the time-consuming manual process of purchasing, uploading, and renewing SSL/TLS certificates. SSL, and its successor TLS, are industry standard protocols for encrypting network communications and establishing the identity of websites over the Internet. SSL/TLS provides encryption for sensitive data in transit and authentication using SSL/TLS certificates to establish the identity of your site and secure connections between browsers and applications and your site. -
12
CyberArk Workforce Identity
CyberArk
Empower your workforce with simple and secure access to business resources with CyberArk Workforce Identity. Your users need quick access to a variety of business resources. You need confidence it’s them knocking – not an attacker. With CyberArk Workforce Identity, you can empower your workforce while keeping threats out. Clear the path for your team to propel your business to new heights. Validate identities with strong AI-powered, risk aware and password-free authentication. Streamline management of application access requests, creation of app accounts, and termination of access. Keep workers working, not logging in and out. Make intelligent access decisions based on AI-powered analytics. Enable access across any device, anywhere at just the right time. -
13
KeyScaler
Device Authority
KeyScaler® is a purpose-built device identity centric IAM platform for IoT and Blockchain. It allows customers to securely register, provision and connect devices to IoT platforms, applications and services. The platform simplifies the process of establishing a robust, end-to-end security architecture within the IoT and deliver efficiencies at scale through security automation, without human intervention. With the enormous and dynamic scale of the IoT where new devices are continually being provisioned, this process rapidly becomes unmanageable without automation. The IoT demands an approach to identification that starts with individual devices – authenticated automatically and dynamically, with no manual intervention required. Device Authority has developed a flexible device interface protocol that interoperates with KeyScaler® for delivering automated PKI for IoT devices - providing two alternatives for device authentication. -
14
CyberArk Customer Identity
CyberArk
Delight your customers with easy and secure access to your websites and apps that keep them loyal to your business. Expectations for great digital experiences are at an all-time high. Meanwhile, the attack surface is more porous than ever. With CyberArk Customer Identity, you can securely open up your websites and apps to customers with confidence. Seamless integration, intuitive access controls and frictionless sign-on experience. Privacy, consent and identity verification in one platform. Pre-built widgets and open APIs to reduce development effort. Secure access to business apps for human and machine identities. Secure access for machine identities within the DevOps pipeline. Reduce complexity and burden on IT while improving protection of the business. Provide secure single sign-on access to your apps and services. -
15
Entro
Entro Security
Non-Human Identity & Secrets Security Platform. A pioneer in non-human identity management, Entro enables organizations to securely utilize non-human identities and secrets, overseeing their usage and automating their lifecycle from inception to rotation. Secrets-based cyber attacks are devastating and growing as more and more secrets are created by R&D teams and spread across various vaults and repositories with no real secret management, monitoring, or security oversight. Streamline and secure your non-human identity lifecycle management. With Entro, security teams can now oversee and protect Non-human identities with automated lifecycle management and seamless integration, ensuring comprehensive security & compliance through a unified interface. -
16
ARIA KMS
ARIA Cybersecurity Solutions
The ARIA Key Management Server (KMS) application automatically manages the generation and distribution of encryption keys to handle all of the lifecycle requirements for key management. Highly scalable encryption key management with the ability to generate thousands of keys per minute, ARIA KMS is the ideal solution for per-data or per-application transactions. Delivers the flexibility to meet specialized encryption needs, such as software applications, hardened high availability appliances, or zero footprint PCIe adapters. Eliminates risk with automated configuration and management of KMS. Deploys encryption key management in one hour or less, with no specialized knowledge. Secures on-premises, cloud, or in-cloud deployments. Supports bring your own key (BYOK) security models. -
17
Keyfactor EJBCA
Keyfactor
EJBCA is an Enterprise grade PKI platform capable of issuing and managing digital certificates in the billions. One of the most used PKI platforms globally, it is used by governments and large enterprises across all sectors. PKI shouldn't be complex. Simplify it, with EJBCA® Enterprise, the only PKI platform that deploys fast, runs anywhere, and scales on-demand — so you can issue and manage thousands, even billions of certificates, no problem. Powered by the most trusted and widely used open-source PKI, EJBCA Enterprise empowers teams to establish trust with identity-first security for every human and machine, anywhere. Replace legacy CA solutions with a flexible and scalable PKI platform to issue and manage certificates for devices, workloads, and users. Embed certificate-based identity into thousands or millions of connected products with a fast and scalable PKI solution. -
18
CyberArk Secure Cloud Access
CyberArk
CyberArk Secure Cloud Access protects cloud identities by managing access securely across multi-cloud environments without compromising user experience. It centralizes control with granular access policies and just-in-time privilege granting, helping reduce risk while maintaining productivity. Designed to integrate seamlessly with existing workflows, it ensures secure and efficient cloud access for developers, engineers, and administrators. -
19
HID IdenTrust
HID
Comprehensive lifecycle management of every certificate in your network for on-premise or cloud-based PKI deployments. Easily migrate from existing certificate authority with policy-based automated issuance, renewal and revocation, eliminating manual processes and related errors. Enterprises increasingly rely on public key infrastructure (PKI) to secure machines, devices, and human access using keys and digital certificates. In partnership with Keyfactor, HID IdenTrust offers a way to simplify PKI and automate certificate lifecycle management at scale. HID IdenTrust delivers cloud-based managed PKI to issue public, private or U.S. Government interoperable (FBCA) digital certificates to secure websites, network and IoT devices, and workforce identities. Discover every certificate across network and cloud environments with real-time inventory of public and private CAs, distributed SSL/TLS discovery tools, and direct integration with key and certificate stores. -
20
ManageEngine Key Manager Plus is a web-based key management solution that helps you consolidate, control, manage, monitor, and audit the entire life cycle of SSH (Secure Shell) keys and SSL (Secure Sockets Layer) certificates. It provides visibility into the SSH and SSL environments and helps administrators take total control of the keys to preempt breaches and compliance issues. Similarly, managing a Secure Socket Layer (SSL) environment can be daunting when organizations use a large number of SSL certificates issued by different vendors with varying validity periods. On the other hand, SSL certificates left unmonitored and unmanaged could expire, or rogue/invalid certificates could be used. Both scenarios could lead to service downtime or display of error messages that would destroy customer trust in data security and, in extreme cases, even result in security breaches.Starting Price: $595 per year
-
21
Defakto
Defakto
Defakto secures every automated interaction by issuing short-lived, verifiable identities to non-human actors such as services, pipelines, AI agents, and machines, eliminating static credentials, API keys, and standing privileges. Their unified non-human identity and access management solution enables discovery of unmanaged identities across cloud, on-premises, and hybrid environments, issuance of dynamic identities at runtime tied to policy, enforcement of least-privilege access, and full audit-ready logging. The product consists of modules; Ledger for continuous discovery and governance of non-human identities; Mint for automated issuance of purpose-bound, ephemeral identities; Ship for secretless CI/CD workflows where hard-coded credentials are removed; Trim for automatic right-sizing of access and removal of over-privileged service accounts; and Mind for securing AI agents and large-language models with the same identity model used for workloads. -
22
Azure Key Vault
Microsoft
Enhance data protection and compliance with Key Vault. Secure key management is essential to protect data in the cloud. Use Azure Key Vault to encrypt keys and small secrets like passwords that use keys stored in hardware security modules (HSMs). For more assurance, import or generate keys in HSMs, and Microsoft processes your keys in FIPS validated HSMs (hardware and firmware) - FIPS 140-2 Level 2 for vaults and FIPS 140-2 Level 3 for HSM pools. With Key Vault, Microsoft doesn’t see or extract your keys. Monitor and audit your key use with Azure logging—pipe logs into Azure HDInsight or your security information and event management (SIEM) solution for more analysis and threat detection. -
23
Keyfactor Command
Keyfactor
Join the world’s leading enterprises running on the most complete and scalable managed PKI as-a-Service. Get all the advantages of PKI without the complexity. Whether it is securing your network, sensitive data, or connected devices, you turn to PKI as the proven technology to establish trust. But building and running your PKI is a complex and expensive undertaking. Getting it right is critical, but it’s not an easy feat. Finding and retaining the right people with the right skillsets, adherence to industry standards, and the expense of hardware and software required to run a robust PKI are all serious challenges — not to mention all that is at stake when something goes wrong. Easily organize and manage your inventory and set proactive alerts to notify users of expired or non-compliant certificates before they become a headache. -
24
Nexus Smart ID Corporate PKI
Nexus Group
Issue, manage and automate PKI certificates for people, services and devices to enable strong authentication, data confidentiality, integrity and digital signatures, with Smart ID Corporate PKI. A corporate public-key infrastructure can issue and manage trusted identities for people, devices and services, forming the basis of information security in an organization. Smart ID provides a reliable foundation, including roles, policies and procedures, for issuing and managing trusted, certificate-based identities. Smart ID corporate PKI is a flexible and scalable solution that can be used by any organization to issue, manage and validate certificate-based digital identities for mixed endpoint environments that include people, infrastructure and things. Based on standard products that are proven in business-critical environments and made in Sweden. -
25
AVX ONE
AppViewX
AVX ONE is the most advanced SaaS certificate lifecycle management (CLM) platform for enterprise PKI, IAM, security, DevOps, cloud, platform and application teams. With visibility, automation and control of certificates and keys, AVX ONE enables crypto-agility to rapidly respond to cryptographic changes, mitigate threats, prevent outages and prepare for Post-Quantum Cryptography. In one unified platform, AppViewX provides instant value via enterprise-wide CLM, Kubernetes and container TLS automation, scalable PKI-as-a-Service, easy Microsoft PKI modernization, secure code signing, IoT identity security, SSH management, and Post-Quantum Cryptography (PQC) readiness with AI and ML risk reduction capabilities in complex hybrid, multi-cloud and edge environments. -
26
GaraSign
Garantir
There are many excellent enterprise security tools to choose from. Some are managed on-premise, others are consumed as a service, and others still use a hybrid model. The challenge enterprises face is not a lack of tools or solutions, but rather a lack of seamless interconnectivity between these privileged access management tools and a single place to manage and audit them. GaraSign is a platform that allows enterprises to securely and efficiently integrate their security systems in a way that does not disrupt existing business processes. By factoring out what’s common, GaraSign is able to centralize and simplify the management of your enterprise’s most sensitive areas, including privileged access management (PAM), privileged identity management, secure software development, code signing, data security, PKI & HSM solutions, DevSecOps, and more. Enterprise security leaders must attend to data security, privileged access management (PAM), privileged identity management, etc. -
27
Teleport
Teleport
The Teleport Infrastructure Identity Platform modernizes identity, access, and policy for infrastructure, for both human and non-human identities, improving engineering velocity and resiliency of critical infrastructure against human factors and/or compromise. Teleport is purpose-built for infrastructure use cases and implements trusted computing at scale, with unified cryptographic identities for humans, machines and workloads, endpoints, infrastructure assets, and AI agents. Our identity-everywhere approach vertically integrates access management, zero trust networking, identity governance, and identity security into a single platform, eliminating overhead and operational silos. -
28
Protect your file and database data from misuse and help comply with industry and government regulations with this suite of integrated encryption products. IBM Guardium Data Encryption consists of an integrated suite of products built on a common infrastructure. These highly-scalable solutions provide encryption, tokenization, data masking and key management capabilities to help protect and control access to databases, files and containers across the hybrid multicloud—securing assets residing in cloud, virtual, big data and on-premise environments. Securely encrypting file and database data with such functionalities as tokenization, data masking and key rotation can help organizations address compliance with government and industry regulations, including GDPR, CCPA, PCI DSS and HIPAA. Guardium Data Encryption's capabilities—such as data access audit logging, tokenization, data masking and key management—help meet regulations such as HIPAA, CCPA or GDPR.
-
29
GlobalSign
GlobalSign
GlobalSign is the leading provider of trusted identity and security solutions. Enabling businesses, large enterprises, cloud service providers and IoT innovators around the world to secure online communications, manage millions of verified digital identities and automate authentication and encryption. Its high-scale Public Key Infrastructure (#PKI) and identity solutions support the billions of services, devices, people and things comprising the Internet of Everything (#IoE). GlobalSign is an identity services company providing cloud-based, highly scalable PKI solutions for enterprises needing to conduct safe commerce, communications, content delivery and community interactions. Our identity and security solutions enable businesses, large enterprises, cloud-based service providers and IoT innovators around the world to conduct secure online communications, manage millions of verified digital identities and automate authentication and encryption. -
30
Secure your container environment on GCP, GKE, or Anthos. Containerization allows development teams to move fast, deploy software efficiently, and operate at an unprecedented scale. As enterprises create more containerized workloads, security must be integrated at each stage of the build-and-deploy life cycle. Infrastructure security means that your container management platform provides the right security features. Kubernetes includes security features to protect your identities, secrets, and network, and Google Kubernetes Engine uses native GCP functionality—like Cloud IAM, Cloud Audit Logging, and Virtual Private Clouds—and GKE-specific features like application layer secrets encryption and workload identity to bring the best of Google security to your workloads. Securing the software supply chain means that container images are safe to deploy. This is how you make sure your container images are vulnerability free and that the images you build aren't modified.
-
31
Sophos Cloud Native Security
Sophos
Complete multi-cloud security coverage across environments, workloads, and identities. Boost efficiency with a single integrated cloud security platform. Sophos Cloud Native Security unifies security tools across workloads, cloud environments, and entitlements management. Integrated with SIEM, collaboration, workflow, and DevOps tools to increase agility across an organization. Your cloud environments need to be tough, hard to compromise and quick to recover. Our comprehensive and intuitive security and remediation tools can be managed by your security teams, or via Managed Services to fast-track your cyber resilience to best meet the security incidents of today. Leverage our extended detection and response (XDR) tools to identify and stop malware, exploits, misconfigurations, and anomalous behaviors. Hunt for threats, prioritize detections, and automatically connect security events to optimize investigation and response. -
32
iSecurity Field Encryption
Raz-Lee Security
iSecurity Field Encryption protects sensitive data using strong encryption, integrated key management and auditing. Encryption is vital for protecting confidential information and expediting compliance with PCI-DSS, GDPR, HIPAA, SOX, other government regulations and state privacy laws. Ransomware attacks any file it can access including connected devices, mapped network drivers, shared local networks, and cloud storage services that are mapped to the infected computer. Ransomware doesn’t discriminate. It encrypts every data file that it has access to, including the IFS files. Anti-Ransomware quickly detects high volume cyber threats deployed from an external source, isolates the threat, and prevents it from damaging valuable data that is stored on the IBM i while preserving performance. -
33
Unbound CORE Identity Security
Unbound Security
Authenticate users and machines and protect PKI – seamlessly across all locations and devices. Create virtual enclaves for mobile and for desktop with maximum security and without sacrificing the user experience. Authenticate user access and identify simply and securely with CORE virtual secure enclave SDK. Mobile, desktop, or server-side enabled – CORE keeps credentials safe even if the user’s personal device is compromised. Build virtual smartcards, protect mobile apps, and more with pure software agility. Integrate strong two-factor and multi-factor authentication into a mobile app – no hardware, no one-time password, no software token required. Replace traditional smartcards with virtual ones to authenticate employees and reduce operational strain and total cost of ownership. Protect machine and human electronic identities and the root certificate authority which oversees them. Protecting PII with maximum security, best user experience. -
34
Managing strong passwords and credentials is often a challenge. Ensuring they are stored properly, changed regularly, meet complexity and compliance requirements, and are auditable can be overwhelming to implement and manage. Current solutions for requesting and managing user access are outdated and inefficient. Processes are manual, complex, and don’t map to the core business initiatives driving change within the enterprise. Governance is often an afterthought, leaving many enterprises vulnerable to increased security risks and potential non-compliance with external regulations or internal corporate mandates. Visibility and control of NonStop user data directly from SailPoint IdentityIQ. Quickly detect risks and entitlement issues. Automate the provisioning process. Address account compliance concerns. SailPoint certified integration. CyberArk certified integration. Integrated with XYGATE Suite.
-
35
Sectigo
Sectigo
Global leader in cybersecurity solutions to secure websites, connected devices, applications, and digital identities. Sectigo is a leading provider of digital identity solutions, including SSL / TLS certificates, DevOps, IoT, and enterprise-grade PKI (Public Key Infrastructure) management, as well as multi-layered web security. As the world's largest commercial Certificate Authority with more than 700,000 customers and over 20 years of experience in online trust, Sectigo partners with organizations of all sizes to deliver automated public and private PKI solutions for securing web servers, user access, connected devices, and applications. Recognized for its award-winning innovation and best-in-class global customer support, Sectigo has the proven performance needed to secure the digital landscape of today and tomorrow. Sectigo is the market leader in SSL / TLS certificates, DevOps, IoT, enterprise-grade PKI (Public Key Infrastructure) management, and multi-layered web security.Starting Price: $125 -
36
Clutch
Clutch
Clutch is addressing the increasingly critical challenge of non-human identity security within modern enterprises. As digital infrastructures expand and become more complex, the management and security of non-human identities, ranging from API keys and secrets to tokens and service accounts, have emerged as a pivotal yet often neglected aspect of cybersecurity. Recognizing this gap, Clutch is developing an enterprise platform dedicated to the comprehensive protection and management of these identities. Our solution is designed to fortify the digital backbone of enterprises, ensuring a secure, resilient, and trustworthy environment for their operations. Ever expanding, outpacing human identities by a staggering ratio of 45 to 1. Holds critical privileges and extensive access, essential for mission-critical automated processes. Lacks inherent security controls such as MFA and conditional access policies. -
37
Aembit
Aembit
Replace manual and insecure access to non-human identities with our automated and secretless Workload IAM platform. Manage your workload-to-workload access like you do your users: with automated, policy-based and identity-driven controls, so you can proactively eliminate the risk of non-human identities. Aembit boosts security by cryptographically verifying workload identities, in real time, ensuring that only trusted workloads have access to your sensitive data. Aembit injects short-lived credentials into requests just-in-time so you never have to store or protect secrets. Dynamically enforce access rights based on real-time evaluations of workload security posture, geography and other key behavioral characteristics. Aembit secures access amongst workloads in the cloud on-prem and in SaaS. -
38
StrongKey
StrongKey
StrongKey has been in the PKI business for almost 20 years, with implementations across the globe in a diverse range of applications. StrongKey Tellaro provides a full public key infrastructure (PKI) platform for managing keys and digital certificates. With a built-in hardware security module (HSM) and EJBCA server, customers are able to issue digital certificates with our Tellaro E-Series based on securely generated public keys. Private keys are generated and stored within the HSM. Our PKI management solution integrates with TLS/SSL, identity access management (IAM), digital signature, secrets management, and device management systems. StrongKey Tellaro is a comprehensive software suite that provides strong authentication, encryption, tokenization, PKI management, and digital signature management. Our open-source software includes a FIDO® Certified FIDO2 server, and we support flexible data center and cloud deployment models. -
39
IBM Guardium Key Lifecycle Manager centralizes, simplifies and automates the encryption key management process to help protect encrypted data and simplify encryption key management. It offers secure, robust key storage, key serving and key lifecycle management for self-encrypting applications and solutions using interoperability protocols including KMIP, IPP and REST. Guardium Key Lifecycle Manager helps customers meet regulations such as PCI DSS, Sarbanes-Oxley and HIPAA by providing access control, key rotation and other automated key lifecycle management processes. Provides centralized, simplified and transparent key management through the secure storage of key material and the serving of keys at the time of use. Offers simple, secure integration with supported protocols including KMIP, IPP and REST. Reduces key management costs by automating the assignment and rotation of keys.
-
40
Vormetric Data Security Platform
Thales e-Security
The Vormetric Data Security Platform makes it easy and efficient to manage data-at-rest security across your entire organization. Built on an extensible infrastructure, the data security protection platform features multiple data security products that can be deployed individually or in combination to deliver advanced encryption, tokenization and centralized key management. This data security solution prepares your organization for the next security challenge and new compliance requirements at the lowest TCO. The Vormetric Data Security Platform is one data security platform, centrally managed for delivering comprehensive data security solutions. -
41
Symantec Data Center Security
Broadcom
Complete server protection, monitoring, and workload micro-segmentation for private cloud and physical on-premises data center environments. Security hardening and monitoring for private cloud and physical data centers with support for Docker containers. Agentless Docker container protection with full application control and integrated management. Block zero-day exploits with application whitelisting, granular intrusion prevention, and real-time file integrity monitoring (RT-FIM). Secure OpenStack deployments with full hardening of Keystone identity service module. Data center security: monitoring. Continuous security monitoring of private cloud and physical on-premises data center environments. Optimize security performance in VMware environments with agentless antimalware protection, network intrusion prevention, and file reputation services. -
42
EncryptRIGHT
Prime Factors
EncryptRIGHT simplifies application-level data protection, delivering robust encryption, tokenization, dynamic data masking, and key management functionality, along with role-based data access controls and a data-centric security architecture, to secure sensitive data and enforce data privacy. EncryptRIGHT is architected to deploy quickly with very little integration effort and scale from a single application to thousands of applications and servers on premises or in the cloud. Our unique Data-Centric Security Architecture allows information security teams to comprehensively define an EncryptRIGHT Data Protection Policy (DPP) and to bind the policy to data itself, protecting it regardless of where the data is used, moved or stored. Programmers do not need to have cryptography expertise to protect data at the application layer – they simply configure authorized applications to call EncryptRIGHT and ask for data to be appropriately secured or unsecured in accordance with its policy.Starting Price: $0 -
43
Salesforce Shield
Salesforce
Salesforce Shield is a comprehensive data security and compliance solution designed to protect sensitive information across the Salesforce platform. It provides advanced tools to monitor user activity, encrypt data, track changes, and detect sensitive information in real time. With Event Monitoring, organizations gain granular visibility into user behavior, API activity, and system performance through detailed event logs. Platform Encryption allows businesses to encrypt sensitive data at rest while maintaining control over encryption keys and compliance requirements. Field Audit Trail extends data history tracking to strengthen integrity and support forensic-level compliance. Data Detect uses intelligent pattern matching to identify and classify sensitive information such as credit card numbers and personal identifiers. Together, these capabilities help organizations mitigate risk, meet regulatory standards, and securely deploy AI-powered solutions like Agentforce.Starting Price: $25 per month -
44
This document provides an overview of Active Directory Certificate Services (AD CS) in Windows Server® 2012. AD CS is the Server Role that allows you to build a public key infrastructure (PKI) and provide public key cryptography, digital certificates, and digital signature capabilities for your organization. AD CS provides customizable services for issuing and managing digital certificates used in software security systems that employ public key technologies. The digital certificates that AD CS provides can be used to encrypt and digitally sign electronic documents and messages. These digital certificates can be used for authentication of computer, user, or device accounts on a network. You can use AD CS to enhance security by binding the identity of a person, device, or service to a corresponding private key. AD CS gives you a cost-effective, efficient, and secure way to manage the distribution and use of certificates.
-
45
AQtive Guard
SandboxAQ
AQtive Guard is a cybersecurity platform that helps organizations secure and manage cryptographic assets and non-human identities (NHIs) such as AI agents, keys, certificates, algorithms, and machine identities across their entire IT environment. It delivers continuous discovery and real-time visibility into NHIs and cryptography, integrating with existing security tools, cloud providers, and repositories to provide a unified view of security posture. Using advanced AI and large quantitative models, the platform analyzes vulnerabilities, prioritizes risks, and offers actionable insights with automated remediation workflows to fix issues and enforce policies such as credential rotation or certificate renewal. AQtive Guard supports compliance with evolving standards, including new NIST cryptographic protocols, and enables lifecycle management of cryptographic assets to reduce risk from current and future threats. -
46
Oasis Security
Oasis Security
Oasis Security provides the first enterprise platform purpose-built to secure the complete lifecycle of NHIs. Oasis continuously analyzes your environment to identify, classify and resolve security risks related to all Non-Human Identities. Auto-discovers all NHIs (Non-Human Identities). Oasis seamlessly connect with your environment and in minutes automatically creates a comprehensive inventory of all Non-Human Identities, providing a consolidated single pane of glass. Automatically assesses and ranks posture issues. The platform conducts automated assessments of the system's posture, meticulously evaluating its configuration and compliance. It then ranks posture issues based on their severity, allowing for a prioritized approach to addressing Non-Human Identity risks. Gives out-of-the-box remediation plans to shorten resolution. In addition to identifying issues, the platform goes a step further by offering pre-configured remediation plans. -
47
CyberArk Conjur
CyberArk
A seamless open source interface to securely authenticate, control and audit non-human access across tools, applications, containers and cloud environments via robust secrets management. Secrets grant access to applications, tools, critical infrastructure and other sensitive data. Conjur secures this access by tightly controlling secrets with granular Role-Based Access Control (RBAC). When an application requests access to a resource, Conjur authenticates the application, performs an authorization check against the security policy and then securely distributes the secret. Security policy as code is the foundation of Conjur. Security rules are written in .yml files, checked into source control, and loaded onto the Conjur server. Security policy is treated like any other source control asset, adding transparency and collaboration to the organization’s security requirements. -
48
TokenEx
TokenEx
Alongside Payment Card Information (PCI), Personally Identifiable Information (PII) also known as personal information and Protected Health Information (PHI) have become a favorite target of hackers. TokenEx can tokenize any type of data, so PII, PHI, PCI, ACH, etc. can be safely vaulted away from business systems and replaced with tokens that are mathematically unrelated to the original data and, thus, useless to data thieves. Tokenization offers virtually unlimited flexibility in how you store, access, and secure your sensitive data sets. -
49
Powertech Encryption for IBM i protects sensitive data using strong encryption, tokenization, integrated key management and auditing. Powertech Encryption allows organizations to encrypt database fields, backups and IFS files quickly and effectively with its intuitive screens and proven technology. Our database encryption software allows organizations to encrypt database fields, backups, and IFS files quickly and effectively with its intuitive screens and proven technology. Organizations around the world depend on Powertech Encryption to help secure confidential data on IBM i (iSeries, AS/400), as well as data from distributed systems, from both external hackers and unauthorized internal users.
-
50
Ubiq
Ubiq Security
Encrypt your most sensitive data before it leaves the application, so the storage layer – and adversaries – only ever see ciphertext. Application-native client-side encryption protects data from sophisticated attackers, supply-chain attacks, and insider threats. Most at-rest encryption solutions – transparent disk encryption, full disk encryption, etc. – are ineffective against modern threats because they grant admins, key processes, and attackers (who exploit privileged access) implicit access to plaintext data. Eliminate this gap and bridge the divide between engineering, security, and compliance teams with Ubiq’s developer-first, encryption-as-code platform. Lightweight, prepackaged code and open source encryption libraries that quickly integrate into any application type for native client-side encryption and set-and-forget key management.Starting Price: $0.001 per encrypt
