Alternatives to OpenText ZENworks Endpoint Security Management
Compare OpenText ZENworks Endpoint Security Management alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to OpenText ZENworks Endpoint Security Management in 2026. Compare features, ratings, user reviews, pricing, and more from OpenText ZENworks Endpoint Security Management competitors and alternatives in order to make an informed decision for your business.
-
1
ManageEngine Endpoint Central
ManageEngine
ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the entire endpoint lifecycle, all from a single console. With automated patching across Windows, Mac, Linux and 1,000+ third-party applications, it ensures vulnerabilities are mitigated before attackers can exploit them. Its next-gen antivirus (NGAV) feature, powered by AI-driven behavioural detection, provides 24/7 protection against ransomware, malware, and zero-day threats. Endpoint Central further strengthens enterprise defenses with a broad set of security capabilities, including vulnerability assessment and mitigation, peripheral device control, data loss prevention, application control, endpoint privilege management, encryption with FileVault and BitLocker, and browser security. -
2
DriveLock
DriveLock
Cyber threats are everywhere, but protecting your IT systems should be as natural as locking your front door. With DriveLock’s HYPERSECURE Platform, safeguarding your endpoints and business data is easier than ever. We integrate the latest security technologies and share our expertise, so you can focus on what matters—without worrying about data protection. Zero Trust Platform takes a proactive approach, eliminating security gaps before they become a risk. By enforcing centralized policies, DriveLock ensures employees and endpoints access only what they need—following the golden rule of cybersecurity: ''never trust, always verify''. -
3
OpenText ZENworks Suite
OpenText
OpenText ZENworks Suite is a unified endpoint management platform designed to simplify the way organizations manage devices, applications, security policies, and software updates. It centralizes control of thousands of endpoints, ensuring consistent deployment, compliance, and visibility across the organization. With automated patching, encryption, and policy-driven security, ZENworks strengthens protection while reducing IT workload. The suite helps IT teams eliminate tool sprawl by consolidating asset management, endpoint security, software delivery, and device configuration into one solution. Hybrid work support makes it easy to manage devices remotely and securely without complicated infrastructure. Ultimately, ZENworks improves operational efficiency, lowers IT costs, and enhances organizational productivity. -
4
OpenText ZENworks Full Disk Encryption enables you to centrally enforce policies for encrypting entire hard disks on Windows 7, Windows 8, and Windows 10 machines in your organization. You manage them using the same web-based console and adaptive agent that you use for other ZENworks products. Protect your company data with the proven reliability of encrypting the entire hard disk drive. Ensure that encrypted devices remain easy to manage across the enterprise. You can remotely unlock devices that are protected by full disk encryption and keep users productive while they work remotely. Ensure that you meet critical industry guidelines and government regulations for protecting customer and patient data. Leverage your experience with ZENworks to reduce the cost of implementing Full Disk Encryption.
-
5
Enable automated processes for patch assessment, monitoring, and remediation. Apply patches up to 13 times faster without burdening your staff. Team workspaces enable you to create digital offices where local and global team members can gather online to coordinate their efforts. Monitor patch compliance, quickly identify and assess vulnerabilities, and automatically apply updates and patches to meet pre-defined standards. Patch Management watches your back, patching everything you’ve got on your network 24 hours a day, without the need for human intervention. With its unique policy-based approach, you set up the policies, define the actions, and then sit back and let ZENworks do the rest. ZENworks Patch Management includes fast, automatic patch deployment based on predefined policies, as well as the ability to customize tested patches as needed. It also supports phased rollouts to ensure smooth, error-free patch deployments to large numbers of systems.
-
6
Zenwork Payments
Zenwork Payments
Zenwork Payments is a secure and efficient solution tailored for businesses of all sizes to manage vendor and 1099 contractor payments while ensuring full tax compliance. The platform automates payment workflows, significantly reducing manual effort and minimizing errors. With robust security and fraud prevention features, every transaction is protected and reliable. Zenwork Payments supports multiple payment methods, enabling businesses to send payments swiftly and conveniently. Its integration with compliance tools simplifies 1099 filings and ensures adherence to regulatory standards. Whether you're handling freelancer payouts or vendor invoices, Zenwork Payments helps organizations stay organized, compliant, and efficient. Say goodbye to payment complexities and tax-related stress. Zenwork Payments handles it all, allowing you to focus on growing your business.Starting Price: $19.99/month/user -
7
Carbon Black App Control
Broadcom
Carbon Black App Control is a robust application control solution designed to prevent malware, ransomware, and other unauthorized applications from running on endpoints. It enables organizations to enforce security policies by only allowing trusted applications to execute, reducing the risk of cyber threats and improving endpoint security. With its centralized management console, Carbon Black App Control provides visibility and control over the applications running in an organization, ensuring that all software complies with security policies. This solution offers real-time protection and detailed reporting capabilities, allowing IT teams to easily detect and respond to security incidents. -
8
Thinscale
Thinscale
ThinScale is an all-in-one endpoint security and management platform that helps organizations protect and control remote, hybrid, and on-site Windows devices by enforcing zero-trust security, preventing malware and data loss, and providing unified endpoint management at scale. It centralizes device lockdown, process security, and data loss prevention while supporting corporate, third-party, and employee-owned devices to create secure, compliant workspaces without sacrificing functionality, with granular allowlisting and session isolation to stop threats and unauthorized access. It supports virtual desktop and desktop-as-a-service environments, lets IT teams manage and update endpoints, policies, and applications from a single console, and includes device analytics and telemetry for real-time performance insights. -
9
ZENworks Asset Management
OpenText
ZENworks Asset Management combines sophisticated workstation inventory, network and device discovery, software management, license tracking, software usage, and contract management into a comprehensive asset management solution with a single, unified administration and management console. Micro Focus® ZENworks® Asset Management combines sophisticated workstation inventory, network and device discovery, software management, license tracking, software usage and contract management into a comprehensive asset management solution with a single, unified administration and management console. Improve license compliance and eliminate audit concerns by providing a complete, accurate view of software installations, accurate software usage data and sophisticated license reconciliation capabilities. Lower IT costs by gaining a comprehensive view of every IT asset in your organization and eliminating the risks of over- and under-purchasing. -
10
Dell Data Protection | Endpoint Security Suite offers threat protection, authentication, and encryption, all centrally-managed from the Dell Data Protection Server. With centralized management, consolidated compliance reporting, and console threat alerts, businesses can easily enforce and prove compliance for all of their endpoints. Ensure that security device drivers are up-to-date for the best customer experience. Visit http://www.dell.com/support to download Dell ControlVault drivers. Software-based Data Centric Encryption enables IT to easily enforce encryption policies, whether the data resides on the system drive or external media. Designed for mixed vendor environments, it also won’t get in the way of existing IT processes for patch management and authentication. Exclusive to select Dell Latitude, OptiPlex and Dell Precision systems, the optional Full Volume Encryption* solution equips end-user systems with military-grade protection that won’t slow your employees down.
-
11
Aserto
Aserto
Aserto helps developers build secure applications. It makes it easy to add fine-grained, policy-based, real-time access control to your applications and APIs. Aserto handles all the heavy lifting required to achieve secure, scalable, high-performance access management. It offers blazing-fast authorization of a local library coupled with a centralized control plane for managing policies, user attributes, relationship data, and decision logs. And it comes with everything you need to implement RBAC or fine-grained authorization models, such as ABAC, and ReBAC. Take a look at our open-source projects: - Topaz.sh: a standalone authorizer you can deploy in your environment to add fine-grained access control to your applications. Topaz lets you combine OPA policies with Zanzibar’s data model for complete flexibility. - OpenPolicyContainers.com (OPCR) secures OPA policies across the lifecycle by adding the ability to tag, verStarting Price: $0 -
12
OpenText Core EDR
OpenText
OpenText Core EDR is an all-in-one endpoint detection and response solution that unifies endpoint protection, SIEM (security information and event management), SOAR (security orchestration, automation, and response), alert triage, and vulnerability assessment into a single platform, eliminating the need to manage disparate security tools. It uses a lightweight agent with pre-configured policies, enabling deployment in minutes and simplifying management across devices without complex scripting. By correlating endpoint, network, and identity events in real time, built-in SIEM and SOAR playbooks surface suspicious behavior and automatically guide containment, remediation, and investigation actions. Continuous, global threat intelligence powers real-time monitoring, helping detect malware, ransomware, zero-day attacks, and other advanced threats before they spread, and enabling rapid isolation or remediation of compromised endpoints. -
13
OpenText Core Endpoint Backup
OpenText
OpenText Core Endpoint Backup delivers a comprehensive, automatic data-protection solution for today’s distributed workforces by safeguarding Windows and macOS endpoints across any geographic distance or complex network topology. It centralizes backup management in a single console, automating forever-incremental snapshots and offering flexible restore options, including point-in-time recovery for individual devices or entire fleets. Industry-leading security features, AES 256-bit and RSA-4096 encryption with patented key management, ensure data remains protected both in transit and at rest, while built-in deduplication optimizes storage efficiency. Administrators benefit from streamlined deployment and policy control across the organization, regardless of size or environment, and can leverage geolocation tracking and remote-wipe capabilities to secure data on lost or compromised devices. -
14
If your staff spends more than 10% of its time running around trying to manage desktops and mobile devices, your life is a lot harder – and more expensive – than it should be. ZENworks Configuration Management increases user productivity with an identity-centric approach that focuses on users, devices, and locations to deliver the right resources to the right users. Integrated remote management so IT can control, view, chat, transfer files, and execute applications both inside and outside the corporate network. Discover IP-attached assets and obtain complete hardware and software inventory of endpoint devices. Implement modern device management features across Windows, iOS, and Android. Easily manage a hybrid workforce. No VPN connected needed to support endpoint devices. Leverage Apple DEP, Android Enterprise, and Microsoft Autopilot for devices.
-
15
As a vital piece of your IT security strategy, Clearswift Endpoint Data Loss Protection (DLP) solution allows organizations to detect, inspect and secure critical data on endpoints. In one solution, it provides context-aware Data in Use (DIU) policies to control which devices can connect to a corporate network and what information can be transferred. It also executes scheduled Data at Rest (DAR) scans on file systems to audit and manage critical data residing on the network or in the cloud. A lightweight agent, Clearswift Endpoint DLP works behind the scenes to enforce your security and compliance policies and provides continuity even when users are not connected to the network. Flexible and context-aware DIU policies allow organizations to apply rules that either prevent documents containing critical data from being copied to removable media, shared on the network or uploaded to the cloud, or automatically encrypt them before they are transferred.
-
16
Obot MCP Gateway
Obot
Obot is an open-source AI infrastructure platform and Model Context Protocol (MCP) gateway that gives organizations a centralized control plane for discovering, onboarding, managing, securing, and scaling MCP servers, services that connect large language models and AI agents to enterprise systems, tools, and data. It bundles an MCP gateway, catalog, admin console, and optional built-in chat interface into a modern interface that integrates with identity providers (e.g., Okta, Google, GitHub) to enforce access control, authentication, and governance policies across MCP endpoints, ensuring secure, compliant AI interactions. Obot lets IT teams host local or remote MCP servers, proxy access through a secure gateway, define fine-grained user permissions, log and audit usage, and generate connection URLs for LLM clients such as Claude Desktop, Cursor, VS Code, or custom agents.Starting Price: Free -
17
OpenText Core Endpoint Protection
OpenText
OpenText Core Endpoint Protection delivers next-generation, cloud-based security designed to stop ransomware, phishing, and zero-day attacks before they disrupt business operations. Using real-time machine learning and OpenText Threat Intelligence, it continuously identifies threats and blocks malicious behavior across all endpoints. The platform simplifies security management with pre-built policies, easy administration, and seamless integration with leading RMM tools. With cloud-based control, IT teams can monitor and protect devices from anywhere without requiring on-premises oversight. The solution minimizes downtime by preventing infections and enabling rapid isolation and investigation when suspicious activity occurs. For organizations seeking deeper visibility, it integrates seamlessly with OpenText Core EDR to provide advanced threat detection and workflow automation.Starting Price: $30 per year -
18
Identity Confluence
Tech Prescient
Identity Confluence is an intelligent Identity Governance and Administration (IGA) platform designed to help IT and security teams manage access, automate identity lifecycles, and maintain continuous compliance across cloud and hybrid environments. Built for modern enterprises, Identity Confluence unifies identity lifecycle management, access control, and governance into a single, scalable platform. Automate Joiner-Mover-Leaver (JML) processes, enforce policy-based access controls (RBAC, ABAC, PBAC), and conduct real-time user access reviews—all from one intuitive interface. Key Features: Lifecycle Automation: Trigger real-time provisioning and deprovisioning across HR, IT, and business systems. Access Controls: Implement dynamic, fine-grained access policies using roles, attributes, and policies. App & Directory Integrations: Out-of-the-box connectors for AD, Azure AD, Okta, Workday, SAP, and more. Access Reviews: Automate certifications, enforce Segregation of Duties -
19
Delinea Privilege Manager
Delinea
Privilege Manager is the most comprehensive endpoint privilege elevation and application control solution that operates at cloud speed and scale. You can prevent malware from exploiting applications by removing local administrative rights from endpoints and implementing policy-based application controls. Privilege Manager prevents malware attacks without causing any end user friction that slows productivity. Available both on-premises and in the cloud, enterprises and fast-growing teams can manage hundreds of thousands of machines through Privilege Manager. With built-in application control, real-time threat intelligence, and actionable reporting, it is easier than ever to manage endpoints and demonstrate compliance with least privilege policies to executives and auditors. -
20
Gate22
ACI.dev
Gate22 is an enterprise-grade AI governance and MCP (Model Context Protocol) control platform that centralizes, secures, and observes how AI tools and agents access and use MCP servers across an organization. It lets administrators onboard, configure, and manage both external and internal MCP servers with fine-grained, function-level permissions, team-based access control, and role-based policies so that only approved tools and functions can be used by specific teams or users. Gate22 provides a unified MCP endpoint that bundles multiple MCP servers into a simplified interface with just two core functions, so developers and AI clients consume fewer tokens and avoid context overload while maintaining high accuracy and security. The admin view offers a governance dashboard to monitor usage patterns, maintain compliance, and enforce least-privilege access, while the member view gives streamlined, secure access to authorized MCP bundles.Starting Price: Free -
21
Automox
Automox
Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.Starting Price: $3.00 -
22
AWS Network Firewall
Amazon
With AWS Network Firewall, you can create firewall rules that provide fine-grained control over network traffic and easily deploy firewall security across your VPCs. Automatically scale your network firewall to protect your managed infrastructure. Protect your unique workloads with a flexible engine that can define thousands of custom rules. Centrally manage security policies across existing accounts and VPCs and automatically enforce mandatory policies on new accounts. With AWS Network Firewall, you can define firewall rules that provide fine-grained control over network traffic. Network Firewall works together with AWS Firewall Manager so you can build policies based on Network Firewall rules and then centrally apply those policies across your virtual private clouds (VPCs) and accounts. Inspect traffic flows using features such as inbound encrypted traffic inspection, stateful inspection, protocol detection, and more. -
23
Calico Enterprise
Tigera
A self-managed, active security platform with full-stack observability for containers and Kubernetes. Calico Enterprise is the industry’s only active security platform with full-stack observability for containers and Kubernetes. Calico Enterprise extends the declarative nature of Kubernetes to specify security and observability as code. This ensures consistent enforcement of security policies and compliance, and provides observability for troubleshooting across multi-cluster, multi-cloud and hybrid deployments. Implement zero-trust workload access controls for traffic to and from individual pods to external endpoints on a per-pod basis, to protect your Kubernetes cluster. Author DNS policies that implement fine-grained access controls between a workload and the external services it needs to connect to, like Amazon RDS, ElastiCache, and more. -
24
Application Control Plus is an enterprise solution that leverages application control and privilege management features to fortify endpoint security. With application discovery, rule-based whitelisting/blacklisting, management of application-specific privileges, and just-in-time access enabled for temporary requirements, this software ensures that it caters to the end-to-end application needs of businesses. Ensure complete endpoint security by creating whitelists of applications that you trust, and keep all untrusted applications out of your network. Protect your risky legacy OS machines by deploying application control policies that prevent vulnerable applications without a patch from running. Augment the security of customer-facing systems such as point-of-sale or fixed-function machines by simulating an environment under lockdown using policies run in Strict Mode.
-
25
Netwrix Endpoint Protector
Netwrix
Netwrix Endpoint Protector is an advanced enterprise-grade Data Loss Prevention (DLP) solution designed to protect sensitive data from unauthorized sharing and malicious extraction from employee endpoints. It offers cross-platform capabilities, supporting Windows, macOS, and Linux operating systems, ensuring comprehensive security across diverse IT environments. The solution provides customizable device control to manage USB and peripheral ports, preventing unauthorized data transfers and mitigating risks associated with data leaks. Additionally, it includes content inspection features that enforce sophisticated policies based on sensitive data categories, keywords, and file types, effectively preventing unauthorized data transfers. Netwrix Endpoint Protector also assists organizations in achieving regulatory compliance with standards such as GDPR, HIPAA, and PCI DSS by securing personally identifiable information, protected health information, and payment card information. -
26
VIPRE Endpoint Security
VIPRE Security Group
VIPRE Endpoint delivers comprehensive defense against today’s sophisticated malware without the complexity of other solutions. We keep your total cost of ownership low while providing advanced security powered by machine learning, real-time behavioral analysis, and a global threat intelligence network. VIPRE combines a modern endpoint solution with time-saving efficiencies, ensuring your organization stays secure and operational. Protecting files, applications, and networks, VIPRE offers complete malware defense. It also helps enforce internet usage policies with granular controls that support employer duty-of-care. Dynamic dashboards provide real-time insights into the status of your endpoint environment, making it easier to monitor and manage security across your organization. Available as a core next-generation AV solution, a full EDR solution, or a combined EDR+MDR solution, we have a package that will work for you.Starting Price: $34/seat/year -
27
Panda Endpoint Protection
WatchGuard
Our endpoint protection stops malware, ransomware, and threats that leverage unknown (zero-day) vulnerabilities using an easy-to-manage cloud-based console and a lightweight agent that doesn’t interfere with the performance of the endpoints. Endpoint protection against malware, ransomware, and the latest threats. Detailed, real-time security monitoring and reporting. Lightweight agent and easy-to-use cloud-based console. Extend security by adding patch management and encryption without a new deployment. This effective, Cloud-native security solution for desktops, laptops, and servers centrally manages the security of endpoints, both inside and outside the corporate network. Our Endpoint Protection (EPP) technologies prevent infections by utilizing our Collective Intelligence, the consolidated and incremental knowledge repository of all applications, binaries, and other files, both trusted and malicious. -
28
Kaspersky Endpoint Security
Kaspersky Lab
With more of your business operations going digital, you need to protect every server, laptop and mobile device on your network. Select tier combines multi-layered technologies with flexible cloud management and centralized application, web and device controls to protect your sensitive data on every endpoint. Security shouldn’t slow you down, so our security has minimal impact on system performance. And if you’re attacked, the Remediation Engine undoes most malicious actions, so users can keep working without interruption. Delivering world-class security – including post execution Behavior Detection and Machine Learning technologies – to help reduce your attack risk and keep all your endpoints safe and secure, with less need to download frequent updates. Provides straightforward migration from third-party endpoint protection, helping to make your transition error-free. Our post-deployment quality assurance audit service will ensure optimum configuration.Starting Price: $40.00/one-time/user -
29
Falcon Firewall Management
CrowdStrike
Falcon Firewall Management makes it easy to create, manage and enforce policies with a simple, centralized approach. Defend against network threats, and gain instant visibility to enhance protection and inform action.Delivered via the same lightweight Falcon agent, management console and cloud-native architecture, it deploys and is operational in minutes. Simplifies operations by using the same lightweight Falcon agent, management console and cloud-native architecture. Deploys and is operational in minutes without requiring reboots, fine-tuning or complex configuration. Streamlines workflows and increases visibility across endpoint security controls due to the single management console for both endpoint protection and host firewall management. Automatically identify and view specific activities, potential threats and network anomalies. -
30
Manages users, groups and roles. Authentication, delegation, authorization and auditing. Role-based access control, entitlements and time-based access rules. Manages access control policies for Web, Java and CORBA® resources. Manages access control policies for fine-grain application data and/or features. Central administration with flexible deployment options. Features specifically designed to aid in meeting privacy legislation. Supports integration with existing security infrastructure. Provides foundation for orb2 for Java Security Services.
-
31
Cloudentity
Cloudentity
Cloudentity increases development velocity, audit efficiency and risk mitigation by advancing fine-grained authorization policy management and delivering continuous, transaction-level enforcement across hybrid, multi-cloud and microservice environments. Externalize authorization management that empowers developers to efficiently create policy-as-code, provision standardized controls, and invoke contextual access and data exchange enforcement as close to the service as possible. Accelerate application delivery by expediting security validation with full data lineage for audit, forensics and compliance. Cloudentity provides dynamic authorization governance that delivers policy automation and adaptive control ensuring Zero Trust between users, apps, services and data. Automate app, service and API inventory, authorization policy standardization, and declarative authorization provisioning to streamline release security verification. -
32
Proofpoint’s Data Loss Prevention solution enables organizations to prevent and manage the risk of sensitive data exposure across email, cloud applications, and endpoints through a unified, cloud-native architecture designed for people-centric protection. It combines advanced content detection (including AI-powered classifiers and optical character recognition), user-behavior analytics, and threat telemetry to identify negligent, compromised, or malicious users and determine intent behind alerts. The platform features a single console that enables triage, investigation, and response across channels; streamlined alert workflows; a lightweight endpoint agent; and support for dynamic policy enforcement, data lineage visualization, and remediation of excess privileges. With this solution, you can detect sensitive file manipulations, uploads to unauthorized destinations, misuse of generative-AI tools, data exfiltration, and abnormal user behaviors while also scaling rapidly.
-
33
Amazon Verified Permissions
Amazon
Amazon Verified Permissions is a fully managed authorization service that uses the provably correct Cedar policy language, so you can build more secure applications. With Verified Permissions, developers can build applications faster by externalizing authorization and centralizing policy management. They can also align authorization within the application with Zero Trust principles. Security and audit teams can better analyze and audit who has access to what within applications. Accelerate application development by decoupling authorization from business logic. Protect application resources and manage user access to the principle of least privilege. Amazon Verified Permissions is a fully managed, Cedar-compatible permissions management and fine-grained authorization service for the applications that you build. Using Cedar, an expressive, performant, and analyzable open source policy language, developers and admins can define policy-based access controls.Starting Price: $0.00015 per request -
34
MintMCP
MintMCP
MintMCP is an enterprise-grade Model Context Protocol (MCP) gateway and governance platform that provides centralized security, observability, authentication, and compliance controls for AI tools and agents connecting to internal data, systems, and services. It lets organizations deploy, monitor, and govern MCP infrastructure at scale, giving real-time visibility into every MCP tool call, enforcing role-based access control and enterprise authentication, and maintaining complete audit trails that meet regulatory and compliance needs. Built as a proxy gateway, MintMCP consolidates connections from AI assistants like ChatGPT, Claude, Cursor, and others to MCP servers and tools, enabling unified monitoring, blocking of risky behavior, secure credential management, and fine-grained policy enforcement without requiring each tool to implement security individually. -
35
Absolute Secure Endpoint
Absolute Software
Manage and secure your data, devices, and applications with an unbreakable connection to every endpoint — on or off your network. Absolute gives you unparalleled line-of-sight to your devices and data. The self-healing connection keeps critical applications such as SCCM, VPN, antivirus, and encryption present, healthy, and up-to-date. And sensitive data remains protected, even when accessed from outside your network. Maintain complete control of every endpoint, with a comprehensive library of automated, custom workflows — no scripting required. Reduce the load on your IT and security teams with pre-built commands for enforcing Windows updates, managing device configurations, and resolving issues — from helpdesk tickets to security events. Absolute is the only endpoint security solution factory-installed by every major PC manufacturer. Embedded in the BIOS of over half a billion devices, chances are, you already have it. All you have to do is activate it. -
36
Peta
Peta
Peta is an enterprise-grade control plane for the Model Context Protocol (MCP) that centralizes, secures, governs, and monitors how AI clients and agents access external tools, data, and APIs. It combines a zero-trust MCP gateway, secure vault, managed runtime, policy engine, human-in-the-loop approvals, and full audit logging into a single platform so organizations can enforce fine-grained access control, hide raw credentials, and track every tool call made by AI systems. Peta Core acts as a secure vault and gateway that encrypts credentials, issues short-lived service tokens, validates identity and policies on each request, orchestrates MCP server lifecycle with lazy loading and auto-recovery, and injects credentials at runtime without exposing them to agents. The Peta Console lets teams define who or which agents can access specific MCP tools in specific environments, set approval requirements, manage tokens, and analyze usage and costs.Starting Price: Free -
37
Cedar
Amazon
Cedar is an open source policy language and evaluation engine developed by AWS to facilitate fine-grained access control in applications. It enables developers to define clear and concise authorization policies, decoupling access control from application logic. Cedar supports common authorization models, including role-based access control and attribute-based access control, allowing for expressive and analyzable policy definitions. Its design emphasizes readability and performance, ensuring that policies are both easy to understand and efficient to enforce. By integrating Cedar, applications can make precise authorization decisions, enhancing security and maintainability. The policy structure is designed to be indexed for quick retrieval and to support fast and scalable real-time evaluation, with bounded latency. It enables analyzer tools capable of optimizing your policies and proving that your security model is what you believe it is.Starting Price: Free -
38
Ensure Endpoint
Ensure Endpoint Technologies Inc.
Ensure Endpoint is a cloud-native endpoint validation and device security tool that enforces Zero Trust by checking the security posture of devices before they connect to enterprise applications and SaaS platforms without requiring mobile device management (MDM) enrollment or admin rights. Using its patented Device Trust Passport technology, Ensure verifies critical security hygiene such as encryption, antivirus status, firewall, operating system updates, passphrase settings, and the absence of risky software, and it provides real-time guidance to help users fix compliance issues without helpdesk intervention. It is vendor-agnostic and works across Windows, macOS, iOS, and Android devices, integrates with FIDO and multi-factor authentication workflows, and can scale across multiple tenants with a single agent deployment. Ensure Endpoint helps bridge the gap for unmanaged, contractor, and BYOD devices that traditional endpoint management tools can’t secure. -
39
ManageEngine Vulnerability Manager Plus
ManageEngine
Enterprise vulnerability management software. Vulnerability Manager Plus is an integrated threat and vulnerability management software that delivers comprehensive vulnerability scanning, assessment, and remediation across all endpoints in your network from a centralized console. Scan and discover exposed areas of all your local and remote office endpoints as well as roaming devices. Leverage attacker-based analytics, and prioritize areas that are more likely to be exploited by an attacker. Mitigate the exploitation of security loopholes that exist in your network and prevent further loopholes from developing. Assess and prioritize vulnerabilities based on exploitability, severity, age, affected system count, as well as the availability of the fix. Download, test, and deploy patches automatically to Windows, Mac, Linux, and over 250 third-party applications with an integral patching module—at no additional cost.Starting Price: $695 per user per year -
40
SecuPi
SecuPi
SecuPi provides an overarching data-centric security platform, delivering fine-grained access control (ABAC), Database Activity Monitoring (DAM) and de-identification using FPE encryption, physical and dynamic masking and deletion (RTBF). SecuPi offers wide coverage across packaged and home-grown applications, direct access tools, big data, and cloud environments. One data security platform for monitoring, controlling, encrypting, and classifying data across all cloud & on-prem platforms seamlessly with no code changes. Agile and efficient configurable platform to meet current & future regulatory and audit requirements. No source-code changes with fast & cost-efficient implementation. SecuPi’s fine-grain data access controls protect sensitive data so users get access only to data they are entitled to view, and no more. Seamlessly integrate with Starburst/Trino for automated enforcement of data access policies and data protection operations. -
41
Patchifi
Patchifi
Patchifi is a cloud-native autonomous endpoint management platform that automates patching, compliance, and software deployment to secure and maintain endpoint health for IT teams and MSPs without manual scripting, WSUS dependency, or complex infrastructure. It continuously scans endpoints to detect missing updates and deploys patches automatically with policy-driven automation, helping organizations close vulnerability gaps quickly, maintain real-time compliance, and minimize operational disruptions. It provides centralized dashboards with real-time visibility into patch status, system health, and compliance metrics, and generates audit-ready reporting to simplify regulatory assessments. Patchifi supports automated software deployment and configuration enforcement across hybrid workforces, enabling silent application installs, targeted rollouts, and consistent policy application regardless of network location. -
42
Seqrite Endpoint Security Cloud
Seqrite
Seqrite Endpoint Security Cloud is a simple and comprehensive platform that lets you manage the security for multiple endpoints remotely from anywhere. Whether you’re on the move, at work or home, Seqrite EPS Cloud ensures complete security with easy manageability. Endpoint Security Cloud product by Seqrite allows small, medium and large-sized corporations to manage the security of their systems and operations from the cloud-based console. Seqrite Endpoint Security Cloud is a comprehensive digital solution to all your data security requirements. Our cloud-based endpoint security system does not require any hardware installation and provides complete security via advanced device control, DLP, asset management, etc. Seqrite’s all-inclusive cloud-based endpoint security tool is designed to be extremely user-friendly and does not need the technical expertise of a dedicated IT admin to operate. It greatly simplifies operations and is therefore ideal for small businesses as well. -
43
ESET PROTECT Complete is a comprehensive cybersecurity solution designed to safeguard business endpoints, cloud applications, and email systems. It offers advanced protection against ransomware and zero-day threats through cloud-based sandboxing technology and machine learning-driven detection. It includes full disk encryption capabilities, aiding compliance with data protection regulations. ESET PROTECT Complete also provides robust security for mobile devices, file servers, and email servers, incorporating anti-malware, anti-phishing, and anti-spam measures. Its centralized, cloud-based management console allows for streamlined deployment, monitoring, and response to security incidents across the organization. Additional features include vulnerability and patch management, ensuring that software vulnerabilities are promptly identified and addressed.Starting Price: $287.72 one-time payment
-
44
AhnLab EPP
AhnLab
AhnLab EPP is the endpoint protection platform for optimized interoperation and integrated management of diverse security functions. AhnLab EPP provides a stronger response against threats than point solutions-based responses by providing truly centralized endpoint security management and operation. Sensitive data of organizations reside in endpoints and as a result, endpoints are continually exposed to security threats. Also, the increasing diversification of operating systems and devices require organizations to widen the object and scope of protection. In response to today's highly complex security threats, organizations are introducing multiple security solutions; however, limitations in operating and managing such multiple solutions often become a vulnerability in security. -
45
Remedio
Remedio
Remedio is an AI-powered, autonomous device posture management platform that continuously discovers, monitors, and remediates security misconfigurations and configuration drift across enterprise IT and OT environments to reduce attack surface, enforce compliance, and harden endpoint security without disruption. It delivers real-time visibility into configuration risks on devices running Windows, macOS, and Linux, as well as cloud instances and servers, and automatically applies safe remediation actions that are instantly reversible, giving security teams confidence when closing gaps without business impact. Remedio simplifies policy validation and enforcement by benchmarking settings against security standards such as CIS, NIST, and MITRE frameworks and continuously re-applies policies across updates, user changes, and new devices to maintain consistent secure baselines. It provides centralized control and governance of Active Directory, Group Policy, MDM, and Intune settings. -
46
Permify
Permify
Permify is an authorization service designed to help developers build and manage fine-grained, scalable access control systems within their applications. Inspired by Google's Zanzibar, Permify enables the structuring of authorization models, storage of authorization data in preferred databases, and interaction with its API to handle authorization queries across various applications and services. It supports multiple access control models, including Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC), allowing for the creation of granular permissions and policies. Permify centralized authorization logic, abstracting it from the codebase to facilitate easier reasoning, testing, and debugging. It offers flexible policy storage options and provides a role manager to handle RBAC role hierarchies. The platform also supports filtered policy management for efficient enforcement in large, multi-tenant environments.Starting Price: Free -
47
AccessPatrol
CurrentWare Inc.
AccessPatrol is a data loss prevention and USB device control software that provides a proactive solution for preventing data breaches caused by illicit data transfers. AccessPatrol controls a variety of peripherals, including… - Storage devices such as USB flash drives and external hard drives - Wireless Devices such as Bluetooth, Infrared, and WiFi - Communication Ports such as Serial and Parallel ports - Imaging Devices such as Scanners or Cameras, and… - Other Devices such as network share drives, printers, and mobile phones File operations alerts and permissions can be configured to alert IT administrators to suspicious file operations and proactively prevent data transfers to unauthorized users. The security policies are enforced by a software agent that is installed on your user’s computers. This keeps devices restricted and monitored even when the computers are taken off of the network.Starting Price: $6 PUPM -
48
AhnLab V3 Endpoint Security
AhnLab
As threat landscapes change rapidly, many businesses are struggling to find the most efficient way to deploy and manage endpoint security solutions while ensuring security integrity and compliance. AhnLab V3 Endpoint Security is comprehensive endpoint protection that allows businesses to protect important business assets with greater confidence and agility. AhnLab V3 Endpoint Security is one of the most cost-effective and user-friendly endpoint protection solutions available in the market. AhnLab V3 Endpoint Security takes up a minimal amount of system resources compared to other endpoint protection solutions. Reap the benefits of this powerful product to take your business to a new level of threat protection. Allows device control when integrated with AhnLab’s central management solution. Provides wide-ranging control over removable media, such as USB devices, Bluetooth, and CD/DVD. -
49
FortiEDR
Fortinet
Fortinet announced the acquisition of enSilo, Inc., a leading provider of advanced endpoint security. The combination of Fortinet and enSilo further enhances the Fortinet Security Fabric by providing enterprises with a full suite of endpoint detection and response (EDR) capabilities designed to automate the protection against advanced threats, pre and post-execution, with real time orchestrated incident response functionality. enSilo’s integration with Fortigate firewalls, FortiSIEM, FortiSandbox and FortiClient, helps enterprises gain superior endpoint visibility and tightly coordinated, dynamic control of network, user, and host activity within their environment. Likewise, service providers can extract the full value of such integration and deliver a comprehensive and efficient managed detection and response (MDR) service. -
50
BrowseControl
CurrentWare Inc.
BrowseControl is an easy-to-use web filter that helps organizations enforce policies, improve productivity, reduce bandwidth consumption, and meet compliance requirements - no matter where their users are located. With BrowseControl you can… - Ensure a safe and productive environment by blocking high-risk, distracting, or inappropriate websites - Improve network performance by blocking bandwidth hogs, and... - Prevent users from using unsanctioned applications and software-as-a-service providers BrowseControl’s security policies are enforced by a software agent that is installed on your user’s computers. This allows the solution to continue blocking websites and applications even when computers are taken off-site. The Category Filtering feature is regularly updated with new websites; it allows you to block millions of websites across over 100 content categories including pornography, social media, and virus-infected sites.Starting Price: $6 PUPM
