Alternatives to Delinea Cloud Access Controller
Compare Delinea Cloud Access Controller alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Delinea Cloud Access Controller in 2026. Compare features, ratings, user reviews, pricing, and more from Delinea Cloud Access Controller competitors and alternatives in order to make an informed decision for your business.
-
1
Frontegg
Frontegg
Frontegg is a Customer Identity and Access Management (CIAM) platform that simplifies authentication, authorization, and user management for SaaS companies. It enables developers to implement advanced identity features quickly, then shift ongoing administration to other teams. With Frontegg, Product, Infosec, and Customer Success teams can take control of key identity tasks like managing user roles, enforcing security policies, and handling customer requests, all without engineering support. Developers reduce toil and regain focus on core product work, while stakeholders move faster without bottlenecks. Frontegg supports modern identity features including SSO, MFA, role-based access control, entitlements, multi-tenancy, and audit logs. Its low-code platform integrates in days and provides a user-friendly admin portal that bridges technical and non-technical teams. Frontegg increases operational efficiency, improves security posture, and enhances the customer experience. -
2
Auth0
Okta
Auth0 takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity Company™. Auth0 lets you quickly integrate authentication and authorization for web, mobile, and legacy applications, with new Fine Grained Authorization (FGA) that goes beyond role-based access control. Authenticate users across all applications with a customized, secure, and standards-based single login. Universal Login connects users to a central authorization server. Credentials aren’t transferred across sources, which boosts security and protects against phishing and credential stuffing attacks. OAuth 2.0 recommends that only external user agents (like the browser) be used by native applications for authentication flows. Auth0’s Universal Login achieves this while enabling SSO. -
3
Uniqkey
Uniqkey
Uniqkey: Protect every login. Access with confidence. Uniqkey is Europe’s trusted password and access management platform - purpose-built for companies that demand security, simplicity, and control. Engineered by European cybersecurity experts, our platform combines military-grade encryption with an effortless user experience. We remove complexity from everyday workflows, helping employees stay secure without slowing them down. From auto-filling 2FA codes to streamlining access across your cloud environment, Uniqkey keeps security frictionless and productivity high. With real-time visibility across your entire infrastructure, IT teams gain complete control over access rights, employee activity, and security scores - empowering them to defend against threats and drive compliance with confidence proactively. Seamlessly integrated with Microsoft and other core systems, Uniqkey makes provisioning and offboarding fast, automated, and secure. -
4
SolarWinds Access Rights Manager
SolarWinds
SolarWinds® Access Rights Manager is designed to assist IT & security administrators in quickly & easily provisioning, deprovisioning, managing, & auditing user access rights to systems, data, & files, so they can help protect their organizations from the potential risks of data loss and breaches. By analyzing user authorizations & access permissions, you get visualization of who has access to what, and when they accessed it. Customized reports can be generated to help demonstrate compliance with many regulatory requirements. Provision & deprovision users via role-specific templates to help assure conformity of access privilege delegation, in alignment with security policies. -
5
The OptimalCloud
Optimal IdM
The OptimalCloud platform is a full featured, award winning, SSO Federation & IAM solution that provides a single point of authentication, policy management and auditing for a seamless end user experience. The OptimalCloud is deployed in workforce and consumer scenarios, used by some of the most recognizable companies on the globe, and used in some of the most secure environments in the world. Each feature-rich pricing tier comes with multi-factor authentication (MFA), because proper security shouldn't cost extra. The OptimalCloud is integrated with more than eleven thousand applications, simplifying set up and configuration and also has 24 x 7 x 365 support with a guaranteed uptime of 99.99%.Starting Price: $2/user/month -
6
Zluri
Zluri
Zluri is a cloud-native SaaSOps platform enabling modern enterprises with SaaS Management, Access Management, and Access Review capabilities. Zluri empowers IT and Security teams to gain visibility into their SaaS landscape, unlock recurring savings, & securely manage access with provisioning and de-provisioning of users. Zluri’s technology is powered by an Authknox engine, and assisted by an Automation engine, enabling companies to navigate & control complex SaaS ecosystems easily. Trusted by over 250 global customers, Zluri is committed to delivering innovative, reliable, and scalable solutions that empower organizations to optimize their SaaS usage, ensure compliance, and enhance Access Management practices. -
7
SecurEnds
SecurEnds
SecurEnds cloud software enables the world’s most forward-thinking companies to automate: User Access Reviews, Access Certifications, Entitlement Audits, Access Requests, and Identity Analytics. Load employee data from a Human Resources Management System (e.g., ADP, Workday, Ultipro, Paycom) using built-in SecurEnds connectors or files. Use built-in connectors and flex connectors to pull identities across enterprise applications (e.g., Active Directory, Salesforce, Oracle), databases (e.g., SQL Server, MySQL, PostreSQL), and cloud applications (e.g., AWS, Azure, Jira). Perform user access reviews by role or attribute as frequently as needed. Application owners can use delta campaigns to track any changes since the last campaign. Send remediation tickets directly to application owners to perform access updates. Auditors can also be granted access to review dashboards and remediations. -
8
BetterCloud
BetterCloud
BetterCloud is the category creator and market leader for SaaS Management. We provide IT, security and procurement professionals the only unified SaaS Lifecycle Management platform to track your applications, manage spend and expenses, automate user permissions and access, monitor compliance and mitigate risk by securing your cloud files. With hundreds of integrations, BetterCloud provides complete visibility across your entire SaaS ecosystem. Our no-code automation enables zero-touch workflows that are critical for streamlining IT processes and eliminating manual work. Thousands of forward-thinking organizations like Oscar Health, Blue Apron, Seismic and BuzzFeed trust BetterCloud to manage their SaaS environment. Our BetterCloud Guarantee provides the industry’s only platform guarantee — 3x ROI in 90 days. -
9
miniOrange
miniOrange
miniOrange is a premier Identity and Access Management platform offering Workforce and Customer Identity solutions to diverse industries from IT to eCommerce to manufacturing and many more. With miniOrange, you can configure Single Sign-On (SSO), Multi-Factor Authentication (MFA), set up custom rules or policies, and customize the login page for any cloud, on-premise, or in-house apps. Get pre-built integrations for 5000+ applications including legacy apps, cloud apps, and many more. Customers praise miniOrange’s outstanding support and their ability to provide customized solutions for unique use cases.Starting Price: $1 per user per month -
10
JumpCloud
JumpCloud
JumpCloud® delivers a unified open directory platform that makes it easy to securely manage identities, devices, and access across your organization. With JumpCloud, IT teams and MSPs enable users to work securely from anywhere and manage their Windows, Apple, Linux, and Android devices from a single platform. Everything in One Platform Grant users Secure, Frictionless Access™ to everything they need to do their work however they choose. Manage it all in one unified view. Cross-OS Device Management Manage Windows, macOS, Linux, iOS, iPad, and Android devices. One Identity for Everything Connect users to thousands of resources with one set of secure credentials. Comprehensive Security Enforce device policies, patches, MFA, and other security and compliance measures. Automated Workflows Connect to whatever resources you need, including Microsoft Active Directory, Google Workspace, HRIS platforms, and more.Starting Price: $9/user -
11
CyberArk Conjur
CyberArk
A seamless open source interface to securely authenticate, control and audit non-human access across tools, applications, containers and cloud environments via robust secrets management. Secrets grant access to applications, tools, critical infrastructure and other sensitive data. Conjur secures this access by tightly controlling secrets with granular Role-Based Access Control (RBAC). When an application requests access to a resource, Conjur authenticates the application, performs an authorization check against the security policy and then securely distributes the secret. Security policy as code is the foundation of Conjur. Security rules are written in .yml files, checked into source control, and loaded onto the Conjur server. Security policy is treated like any other source control asset, adding transparency and collaboration to the organization’s security requirements. -
12
Bravura Identity
Bravura Security
Bravura Identity is an integrated solution for managing identities, groups and security entitlements across systems and applications. It ensures that users are granted access quickly, that entitlements are appropriate to business need and that access is revoked once no longer needed. Users have too many login IDs. A typical user in a large organization may sign into 10 to 20 internal systems. This complexity creates real business problems. Bravura Identity manages the lifecycles of identities, accounts, groups and entitlements. It includes automation to grant and revoke access, after detecting changes on systems of record. A web portal for access requests, profile updates and certification. Full lifecycle management for groups and roles on target systems. A workflow manager to invite people to approve requests, review access or complete tasks. Policy enforcement related to SoD, RBAC, risk scores, privacy protection and more. Reports, dashboards and analytics. -
13
Delinea Cloud Suite
Delinea
Simplify user authentication to servers from any directory service, including Active Directory, LDAP, and cloud directories such as Okta. Enforce the principle of least privilege with just-in-time and just enough privilege to minimize the risk of a security breach. Identify abuse of privilege, thwart attacks, and quickly prove regulatory compliance with a detailed audit trail and video recordings. Delinea’s cloud-based SaaS solution applies zero-trust principles to stop privileged access abuse and reduce security risks. Experience elastic scalability and performance, supporting multi-VPCs, multi-cloud, and multi-directory use cases. Single enterprise identity to securely log in anywhere. A flexible, just-in-time model with privilege elevation. Centrally manage security policies for users, machines, and applications. Apply MFA policies consistently across all your regulated and business-critical systems. Watch privileged sessions in real-time and instantly terminate suspicious sessions. -
14
Delinea Server Suite
Delinea
Easily consolidate complex and disparate identities for Linux and Unix within Microsoft Active Directory. Minimize the risk of a breach and reduce lateral movement with a flexible, just-in-time privilege elevation model. Advanced session recording, auditing, and compliance reporting aid forensic analysis into abuse of privilege. Centralize discovery, management, and user administration for Linux and UNIX systems to enable rapid identity consolidation into Active Directory. Privileged Access Management best practices are easy to follow with the Server Suite. The results are higher levels of identity assurance and a significantly reduced attack surface with fewer identity silos, redundant identities, and local accounts. Manage privileged user and service accounts from Windows and Linux in Active Directory. Just-in-time, fine-grained access control with RBAC and our patented Zones technology. Complete audit trail for security review, corrective action, and compliance reporting. -
15
Permify
Permify
Permify is an authorization service designed to help developers build and manage fine-grained, scalable access control systems within their applications. Inspired by Google's Zanzibar, Permify enables the structuring of authorization models, storage of authorization data in preferred databases, and interaction with its API to handle authorization queries across various applications and services. It supports multiple access control models, including Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC), allowing for the creation of granular permissions and policies. Permify centralized authorization logic, abstracting it from the codebase to facilitate easier reasoning, testing, and debugging. It offers flexible policy storage options and provides a role manager to handle RBAC role hierarchies. The platform also supports filtered policy management for efficient enforcement in large, multi-tenant environments.Starting Price: Free -
16
Zentry
Zentry Security
Least privileged application access with consistent security for any user, anywhere. Transient authentication provides granular, least-privileged access to mission-critical infrastructure. Zentry Trusted Access provides clientless, browser-based, streamlined zero-trust application access for small to medium-sized enterprises. Organizations see gains in security posture and compliance, a reduced attack surface, and greater visibility into users and applications. Zentry Trusted Access is a cloud-native solution that is simple to configure, and even simpler to use. Employees, contractors, and third parties just need an HTML5 browser to securely connect to applications in the cloud and data center, no clients are needed. Leveraging zero trust technologies like multi-factor authentication and single sign-on, only validated users obtain access to applications and resources. All sessions are encrypted end-to-end with TLS, and each is governed by granular policies. -
17
You trust your privileged users with elevated access to critical systems, data, and functions. However, their advanced entitlements need to be vetted, monitored, and analyzed to protect your resources from cybersecurity threats and credential abuse. Research has found as much as 40% of insider cyberattacks involved privileged users. IBM Verify Privilege products, powered by Delinea, enable zero trust strategies to help minimize risk to the enterprise. Discover, control, manage, and protect privileged accounts across endpoints and hybrid multi-cloud environments. Discover unknown accounts. Reset passwords automatically. Monitor anomalous activity. Manage, protect, and audit privileged accounts across their lifecycles. Identify devices, servers, and other endpoints with administrative privileges to enforce least-privilege security, control application rights, and reduce impact on support teams.
-
18
Vault One
VaultOne Software
Have total control and visibility over who accesses your data, systems, applications, infrastructure and any other assets, preventing cyber attacks and data breaches. With VaultOne, protect your company’s resources and achieve compliance. VaultOne is redesigning the concept of privileged access management (PAM). Manage user access, credentials and sessions in a fast, secure and automated way. In a single and powerful solution, we offer multiple features, such as digital vault, password generator, sessions recording, auditing and reporting, customizable policies, disaster recovery and multi-factor authentication. If you’re looking for a solution to protect shared accounts, certificates and user access to applications, websites, servers, databases, cloud services and infrastructure, you’ve just found it. By creating customized access policies and managing users and privileges, you fight cyber attacks and avoid data breaches.4Starting Price: $99 per month -
19
Kelltron IAM Suite
Kelltron
Kelltron’s IAM Suite is an AI-powered identity security platform that unifies Identity & Access Management (IAM), Privileged Access Management (PAM), and Data Governance (DGM) into one seamless solution. It enables secure user provisioning, Single Sign-On (SSO) to 4,000+ apps, adaptive Multi-Factor Authentication (MFA), and role-based access control. PAM features include just-in-time access, session monitoring, and credential vaulting to safeguard privileged accounts. The DGM module helps discover, classify, and enforce data access policies for compliance with GDPR, ISO 27001, and more. Designed for hybrid IT environments, Kelltron offers cloud, on-prem, and multi-tenant deployment. AI-driven automation reduces manual workload by flagging anomalies, suggesting least-privilege access, and generating real-time risk insights. With 24/7 support and a 6-month free trial, Kelltron empowers businesses and MSPs to scale securely with full visibility and control. -
20
ManageEngine Access Manager Plus
ManageEngine
Secure remote access for privileged sessions. Centralize, secure, and manage remote connections that provide privileged access to critical business systems. An exclusive privileged session management solution for enterprises. For businesses to be productive, it's important to enable privileged access to critical systems to the right employees, regardless of their location and the time of day they require access. But providing remote privileged users with such access presents huge security and privacy challenges, and legacy solutions like VPNs are often inflexible and simply don't cut it anymore. What modern enterprises need is a solution that enables direct access to every component in the infrastructure spread across the public and private clouds, while ensuring granular access controls, monitoring and recording all actions, and providing real-time control over every privileged session. ManageEngine Access Manager Plus is a web-based privileged session management softwareStarting Price: $495 per year -
21
Access Auditor
Security Compliance Corp
Access Auditor automates user entitlement reviews and user access reviews. Access Auditor also alerts on changes in user access rights, and watches for separation of duties violations, and shows who has access to what. Users can be imported from any AD/LDAP, Database, or any REST API. Enterprise roles (RBAC) can be modeled and defined, allowing full RBAC reviews and provisioning. Access Manager leverages the same ease-of-use to automate the provisioning and management of user access rights. Any system with a database, LDAP, or REST API can be automatically managed via role based access controls. SCC’s powerful and simple approach to Identity Management enables a very rapid success at a low overall cost. With a 100% customer success rate, Access Auditor is the fastest and simplest solution available and can automate your user access reviews in under a week. -
22
Devolutions PAM
Devolutions
Devolutions Privileged Access Manager (PAM) discovers privileged accounts, automates password rotation, approves check-outs, enforces just-in-time (JIT) privilege elevation, and records every session—giving small and midsize businesses (SMBs) enterprise-grade control without enterprise-grade hassle. Bundle PAM with the Privileged Access Management package and it slots straight into Devolutions Hub delivered as SaaS (Software-as-a-Service) or a self-hosted on-premises (on-prem) Devolutions Server, while Remote Desktop Manager provides one-click launches and Gateway supplies secure tunnels. One integrated stack takes you from standing privileges to true zero-standing-privilege—all under a single pane of glass, complete with granular RBAC (Role-Based Access Control) and tamper-proof audit logs.Starting Price: $50/month/user -
23
The ARCON | Privileged Access Management (PAM) solution provides over every aspect of your IT infrastructure so that you can build contextual security around your most important asset: data. Its granular access control allows you to structure your security infrastructure the way you want, giving and revoking access for whomever you wish, whenever you wish, all on your own terms. Get rule- and role-based access control to all target systems with the principle of ‘least-privilege’ only allowing access to data on a ‘need-to-know’ basis. This helps your admins manage, monitor, and control privileged accounts down to the individual end user. Build a unified access control and governance framework to monitor privileged identities, whether on-prem, on-cloud, in a distributed data center or a hybrid environment. Randomize and change passwords automatically to overcome the threats arising from shared credentials.
-
24
Akku
CloudNow Technologies
The corporate user lifecycle, streamlined. Akku is a robust, flexible identity and access management solution created to help you manage every stage of the user lifecycle more effectively. With its range of versatile features, Akku helps improve data security, standards compliance, efficiency and productivity. Akku delivers a powerful cloud SSO solution that can be integrated easily with almost any cloud or in-house application, and packages a range of security and access control features that make user provisioning, management, access control and deprovisioning seamless. Unlike many other IAM solutions, Akku is built on an agentless architecture, without the need for a user agent to be installed on your infrastructure. So you know exactly what parts of your sensitive user information Akku can access, ensuring transparency and control.Starting Price: $5.00/year/user -
25
Pomerium
Pomerium
Pomerium is a secure, clientless solution that enables seamless access to web applications and services without the need for a corporate VPN. Designed to enhance developer productivity, it eliminates complex user access flows that can hinder workflow. Unlike traditional client-based tunneling solutions, Pomerium offers lightning-fast connections with minimal latency, ensuring security and privacy without compromise. It leverages contextual data for access control decisions, implementing continuous verification—a zero trust concept where every action is verified for contextual factors before being accepted or denied. This approach contrasts with NextGen VPNs, which only verify authentication and authorization at the start of a session. Pomerium supports secure access to web apps, databases, Kubernetes clusters, internal tools, and legacy applications, making it suitable for individuals and teams of all sizes.Starting Price: $7 per month -
26
Fastpath
Fastpath
Fastpath’s cloud-based access orchestration platform allows organizations to manage and automate identity, access governance, and data and configuration changes – efficiently and cost effectively. Our intuitive cloud-based platform seamlessly integrates identity governance and GRC into one sophisticated yet easy-to-use solution. Effortlessly automate, control, and monitor access - from applications down to individual data records to dramatically reduce risk and compliance costs. Fastpath’s platform was designed by auditors who understand the complexity of securing business application access. That’s why we created a solution that reduces the time, cost and complexity associated with audit processes and reporting to prove compliance. -
27
Opal
Opal
Opal is a security platform that enables organizations to scale least privilege, creating new ways for teams to work smarter. We believe access should be decentralized, self-service, and integrated with the technologies your team already uses. Remove bottlenecks. Delegate access requests to those who have the most context. More context = faster and better decisions. Intelligent automation. Let Opal handle it all, giving access when it matters most, sending automatic reminders, and removing access when no longer needed. Transparency matters. Be on the same page about who approves access, who has access to what, the status of requests, and more. Skip the game of telephone! Companies give out far too much access. Access is granted in a way that is overly coarse and often for an indefinite amount of time. Most companies have painfully manual and inconsistent ways of granting just-in-time access. -
28
BeyondTrust Pathfinder
BeyondTrust
BeyondTrust Pathfinder offers a comprehensive identity-centric security platform designed to protect enterprises from privilege-based attacks by delivering visibility, control, and governance across human and non-human identities, credentials, and access paths. At the core is the Pathfinder Platform, which dynamically maps paths to privilege across endpoints, servers, clouds, IdPs, SaaS, and databases, exposing hidden over-privileged accounts, orphaned identities, and attack vectors. Other key components include Identity Security Insights for unified detection and risk-based prioritization of identity threats, Password Safe to discover, vault, manage and audit privileged credentials and session activity, Privileged Remote Access for secure, rule-based access with full session monitoring, Entitle for automating cloud permissions and just-in-time access, Endpoint Privilege Management for enforcing least-privilege on endpoints with application control and file-integrity monitoring. -
29
Hexnode IdP
Hexnode
Hexnode IdP is an identity provider designed to help organizations manage authentication, access control, and identity governance from a centralized platform. It enables IT and security teams to verify user identities and enforce secure access to enterprise applications, devices, and resources. By combining identity verification with real-time device posture evaluation, Hexnode IdP supports a Zero Trust approach to access management. The platform includes capabilities such as single sign-on (SSO), multi-factor authentication (MFA), role-based access control (RBAC), and conditional access policies. These controls allow organizations to ensure that only authorized users on compliant devices can access sensitive systems and data. By centralizing authentication and access policies in a single console, organizations can simplify identity management while improving overall security visibility and control. -
30
Entitle
BeyondTrust
Entitle fuses a security-first approach to provisioning and governance, with a commitment to business enablement for all teams, from R&D and sales to H&R and finance. Speed up provisioning to unlock security policies that automatically update with changing infrastructure and employee needs. Grant permissions to specific resources, like Google Drive folders, database tables, Git repositories, and more. Keep privileged resources and roles safe by granting access only when needed, and removing them when not. Give peers, managers, and resource owners the power to approve access requests, for authorizations you can trust. With automated access requests and zero-touch provisioning, DevOps, IT, and all teams can save serious time and resources. Users can request access to what they need via Slack, Teams, Jira, or email for a seamless approval process. Grant bulk permissions for fast onboarding and offboarding to keep up with organizational changes. -
31
Pathlock
Pathlock
Pathlock brings simplicity to customers who are facing the security, risk, and compliance complexities of a digitally transformed organization. New applications, new threats, and new compliance requirements have outpaced disparate, legacy solutions. Pathlock provides a single platform to unify access governance, automate audit and compliance processes, and fortify application security. With Pathlock, some of the largest and most complex organizations in the world can confidently handle the security and compliance requirements in their core ERP and beyond. Whether it’s minimizing risk exposure and improving threat detection, handling SoD with ease, or unlocking IAM process efficiencies – Pathlock provides the fastest path towards strengthening your ERP security & compliance posture. -
32
Hyperport
Hyperport
The Hyperport is a unified secure-user-access solution that merges Zero-Trust Network Access (ZTNA), Privileged Access Management (PAM), and Secure Remote Access (SRA) into one flexible architecture, allowing internal staff, remote employees, vendors and third-party partners to connect in seconds without compromising security. It enforces least-privilege access across an organisation’s entire infrastructure, from Windows and web applications to industrial control systems, via just-in-time authorization, multi-factor authentication at every security zone, real-time monitoring, session recording, and dynamic entitlement management. The platform is built for hybrid, cloud and on-premises deployments with multi-site support, enabling centralised management across IT, OT, ICS and CPS environments; it features browser-based portals (Web, RDP, SSH, VNC), encrypted file transfers, immutable audit logs, micro-segmentation and policy enforcement to reduce the attack surface. -
33
Heimdal Application Control
Heimdal®
Heimdal Application Control is a novel approach to integrative application management and user rights curation. Modular and easy to set up, App Control empowers the system administrator to create all-encompassing rule-based frameworks, streamline auto-dismissal or auto-approval flows, and enforce individual rights per Active Directory group. The tool’s uniqueness comes from its ability to perfectly pair with a (PAM) Privileged Access Management solution, imparting the user with granular oversight of software inventories and hardware assets. -
34
Devolutions Workspace
Devolutions
Workplace passwords are everywhere—apps, websites, servers. Devolutions Workspace brings them together in one interface that works across Windows, macOS, Linux, iOS, Android, and browsers. Users can autofill credentials, manage entries based on role-based access control (RBAC), and respond to time-sensitive access requests—without ever seeing the raw passwords. Workspace includes multi-factor authentication (MFA) through Devolutions Authenticator, secure in-app messaging, and offline mode. Admins can enforce strong policies, while end-users enjoy a frictionless login experience. The Workforce Password Management package is the backbone. It connects Workspace to centralized credential storage using either cloud-based Devolutions Hub or self-hosted Devolutions Server, depending on your infrastructure needs. This combination gives growing teams the structure they need to eliminate password chaos and strengthen access governance—without the complexity or cost of legacy solutions.Starting Price: $3/month/user -
35
Bravura Privilege
Bravura Security
Bravura Privilege secures access to elevated privileges. It eliminates shared and static passwords to privileged accounts. It enforces strong authentication and reliable authorization prior to granting access. User access is logged, creating strong accountability. Bravura Privilege secures access at scale, supporting over a million password changes daily and access by thousands of authorized users. It is designed for reliability, to ensure continuous access to shared accounts and security groups, even in the event of a site-wide disaster. Bravura Privilege grants access to authorized users, applications and services. It can integrate with every client, server, hypervisor, guest OS, database and application, on-premises or in the cloud. Discovers and classifies privileged accounts and security groups. Randomizes passwords and stores them in an encrypted, replicated vault. -
36
System Frontier
Noxigen
PowerShell web front end with role based access control, auditing and remote management tools. Delegate granular permissions to manage servers, workstations, network devices and user accounts. Privileged Access Management (PAM). Let System Frontier do all the heavy lifting so you can focus on your enabling your IT teams to get more done without having more permissions than needed.Starting Price: $5 -
37
Axis Security
Axis Security
Ensure least-privilege user access to specific business resources without granting excessive access to your corporate network, or exposing applications to the Internet. Avoid deploying agents on BYOD or third-party devices and the friction that comes with it. Support access to web apps, SSH, RDP and Git without a client. Analyze how users interact with your business applications to better detect anomalies, flag potential issues, and ensure networking remains aware of changes in security controls. Use key tech integrations to automatically verify and adapt access rights based on changes in context to protect data and always ensure least-privilege access. Make private apps invisible to the Internet, keep users off the network, and deliver a safer connection to SaaS apps. -
38
OpenFGA
The Linux Foundation
OpenFGA is an open source authorization solution that enables developers to implement fine-grained access control using a user-friendly modeling language and APIs. Inspired by Google's Zanzibar paper, it supports various access control models, including Relationship-Based Access Control (ReBAC), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC). OpenFGA offers SDKs for multiple programming languages, such as Java, .NET, JavaScript, Go, and Python, facilitating seamless integration into diverse applications. The platform is designed for high performance, capable of processing authorization checks in milliseconds, making it suitable for projects ranging from small startups to large enterprises. Operating under the Cloud Native Computing Foundation (CNCF) as a sandbox project, OpenFGA emphasizes transparency and community collaboration, inviting contributions to its development and governance.Starting Price: Free -
39
Clarity Security
Clarity Security
Eliminate audit angst with 10-minute user access reviews, flexible provisioning/de-provisioning workflows, and audit-friendly reporting, all in one simple, scalable IGA platform. White-glove onboarding takes the burden of implementing a solution off of team members reducing the impact on other IT initiatives. Automated evidence collection into a downloadable ledger mitigates the need for wasted time gathering spreadsheets, screenshots, etc. Nested entitlements and Clarity Explorer provide insight into what’s giving users access and why they’re being granted that access. True role-based access control (RBAC) and automated workflows for full alignment with your organizational structure and needs. Unlike "traditional" manual methods, Clarity has everything you need to quickly upgrade your identity governance program and seamlessly adapt it as your organization grows. Fast reviews for certifying user access, entitlements, roles, application access, and more. -
40
BAAR-IGA
BAAR Technologies Inc.
BAARIGA automates identity, governance, and administration for your environment. Legacy applications, mainframes, and new-age applications. BAARIGA will action new users, terminated users as well as a change to a user (e.g. designation change) in a fully automated way. This extends to the creation of an ID, and email ID as well as buying licenses. Access provisioning to applications that use the Active Directory for authentication and authorization, as well as applications that self-authenticate users. Legacy as well as new age apps. Automated user access review. BAARIGA has data collection nodes that collect access info directly from applications. Access is revoked automatically if needed. Single sign-on for legacy as well as single sign-on compliant applications. The SSO component of BAARIGA provides a secure way to ensure a user needs to have access to just one password. BAARIGA will check to see if there are users who have conflicting roles in applications. -
41
Britive
Britive
Permanent elevated privileges leave you open to increased data loss & account damage due to insider threats & hackers 24/7. Temporarily granting & expiring Just In Time Privileges with Britive instead minimizes the potential blast radius of your privileged human and machine identities. Maintain zero standing privileges (ZSP) across your cloud services, without the hassle of building a DIY cloud PAM solution. Hardcoded API keys and credentials, typically with elevated privileges, are sitting targets for exploits, and there are 20x more machine IDs using them than there are human users. Granting & revoking Just-in-Time (JIT) secrets with Britive can significantly reduce your credential exposure. Eliminate static secrets & maintain zero standing privileges (ZSP) for machine IDs. Most cloud accounts become over-privileged over time. Contractors & employees often maintain access after they leave. -
42
Aserto
Aserto
Aserto helps developers build secure applications. It makes it easy to add fine-grained, policy-based, real-time access control to your applications and APIs. Aserto handles all the heavy lifting required to achieve secure, scalable, high-performance access management. It offers blazing-fast authorization of a local library coupled with a centralized control plane for managing policies, user attributes, relationship data, and decision logs. And it comes with everything you need to implement RBAC or fine-grained authorization models, such as ABAC, and ReBAC. Take a look at our open-source projects: - Topaz.sh: a standalone authorizer you can deploy in your environment to add fine-grained access control to your applications. Topaz lets you combine OPA policies with Zanzibar’s data model for complete flexibility. - OpenPolicyContainers.com (OPCR) secures OPA policies across the lifecycle by adding the ability to tag, verStarting Price: $0 -
43
Delinea’s Database Access Controller enables enterprises to adopt modern cloud databases from AWS, Google, Azure, Oracle, Redis, and others while still enforcing appropriate access levels, multi-factor authentication, complete reporting, and auditing workflows. Proxy connections through a centralized portal and restrict direct database access. Protect databases with layered authentication, authorization, and granular role-based access controls. Provides time-based access, auditable logs, and reports to generate alerts and notifications. Gain granular access control to databases, such as Oracle, MySQL, PostgreSQL, MariaDB, MongoDB, Redis, AWS RDS, and Google DB, whether on-premise or in the cloud. See who is accessing databases and govern their database access using capabilities such as multi-factor authentication (MFA) and logging activities for tighter database security. Secure database access to protect your most valuable information.
-
44
Devolutions Server
Devolutions
Devolutions Server (DVLS) is a self-hosted solution designed to streamline account and credential management across your organization. Without centralized control, teams often struggle with unsecured credentials, unauthorized access, and inconsistent security practices. DVLS addresses these issues by offering a secure, shared account and credential management platform with the ability to enforce access policies, manage user roles, and provide detailed auditing. DVLS also includes optional privileged access components for organizations that require more granular control over sensitive accounts. Fully integrated with Remote Desktop Manager, it offers a seamless way to manage credentials and remote sessions, ensuring that all access is secure and well-governed. Whether you’re a small team or a large enterprise, Devolutions Server simplifies credential management and improves security.Starting Price: $3/month/user -
45
Identity Confluence
Tech Prescient
Identity Confluence is an intelligent Identity Governance and Administration (IGA) platform designed to help IT and security teams manage access, automate identity lifecycles, and maintain continuous compliance across cloud and hybrid environments. Built for modern enterprises, Identity Confluence unifies identity lifecycle management, access control, and governance into a single, scalable platform. Automate Joiner-Mover-Leaver (JML) processes, enforce policy-based access controls (RBAC, ABAC, PBAC), and conduct real-time user access reviews—all from one intuitive interface. Key Features: Lifecycle Automation: Trigger real-time provisioning and deprovisioning across HR, IT, and business systems. Access Controls: Implement dynamic, fine-grained access policies using roles, attributes, and policies. App & Directory Integrations: Out-of-the-box connectors for AD, Azure AD, Okta, Workday, SAP, and more. Access Reviews: Automate certifications, enforce Segregation of Duties -
46
Casbin
Casbin
Casbin is an open-source authorization library that supports various access control models, including Access Control Lists (ACL), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC). It is implemented in multiple programming languages such as Golang, Java, C/C++, Node.js, JavaScript, PHP, Laravel, Python, .NET (C#), Delphi, Rust, Ruby, Swift (Objective-C), Lua (OpenResty), Dart (Flutter), and Elixir, providing a consistent API across different platforms. Casbin abstracts access control models into configuration files based on the PERM metamodel, allowing developers to switch or upgrade authorization mechanisms by simply modifying configurations. It offers flexible policy storage options, supporting various databases like MySQL, PostgreSQL, Oracle, MongoDB, Redis, and AWS S3. The library also features a role manager to handle RBAC role hierarchies and supports filtered policy management for efficient enforcement.Starting Price: Free -
47
Okta
Okta
One platform, infinite ways to connect to your employees and customers. Build auth into any app. Create secure, delightful experiences quickly by offloading customer identity management to Okta. Get security, scalability, reliability, and flexibility by combining Okta’s Customer Identity products to build the stack you need. Protect and enable your employees, contractors, and partners. Secure your employees—wherever they are—with Okta’s workforce identity solutions. Get the tools to secure and automate cloud journeys, with full support for hybrid environments along the way. Companies around the world trust Okta with their workforce identity. -
48
WALLIX BestSafe
WALLIX Group
Eliminate the need for user accounts with elevated permissions thanks to innovative endpoint privilege management. Achieve unparalleled security across all endpoints with permissions controlled at the application and process level – without impacting user productivity. Mitigate the risks of granting administrator privileges without overburdening your IT team. Endpoint Privilege Management applies the Principle of Least Privilege with seamless and granular application-level permissions control while empowering users to work efficiently. Block ransomware, malware, and crypto viruses from entering your network, even when users hold elevated privileges. Control privileges at the application and process-level and stop encryption operations with innovative endpoint protection technology. Enforce least privilege security efficiently, with no impact on user productivity and minimizing the need for IT intervention. -
49
Amazon Verified Permissions
Amazon
Amazon Verified Permissions is a fully managed authorization service that uses the provably correct Cedar policy language, so you can build more secure applications. With Verified Permissions, developers can build applications faster by externalizing authorization and centralizing policy management. They can also align authorization within the application with Zero Trust principles. Security and audit teams can better analyze and audit who has access to what within applications. Accelerate application development by decoupling authorization from business logic. Protect application resources and manage user access to the principle of least privilege. Amazon Verified Permissions is a fully managed, Cedar-compatible permissions management and fine-grained authorization service for the applications that you build. Using Cedar, an expressive, performant, and analyzable open source policy language, developers and admins can define policy-based access controls.Starting Price: $0.00015 per request -
50
BeyondTrust Privileged Remote Access
BeyondTrust
Secure, manage, and audit vendor and internal remote privileged access without a VPN. Watch demo. Give legitimate users the access they need to be productive, while keeping attackers out. Give contractors and vendors privileged access to critical assets without giving them a VPN. Satisfy internal and external compliance requirements with comprehensive audit trails and session forensics. Guarantee adoption with a system that actually lets users do their jobs faster and easier than they do today. Prevent “privilege creep” and quickly enforce least privilege to protect your IT assets. Make least privilege productive and combat data breaches, without sacrificing security. Standardized, secure, and complete privileged session management solution that controls the access to and from any platform in any environment. Eliminate manual credential check-in and check-out.
