Alternatives to pwncheck
Compare pwncheck alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to pwncheck in 2025. Compare features, ratings, user reviews, pricing, and more from pwncheck competitors and alternatives in order to make an informed decision for your business.
-
1
ManageEngine ADSelfService Plus
ManageEngine
ADSelfService Plus is an on-premises access management solution that caters to businesses across various industries, such as IT, banking, engineering, education, aviation, and telecommunications. Key features include: 1. Self-service password resets and account unlocks: Users can reset their passwords in AD and unlock their domain accounts from a web browser. 2. MFA: Machine logins, VPN and OWA logins, and cloud app logins can be secured using MFA. 3. Password synchronizer and SSO: Users can log in to multiple apps using one unified identity via SSO and real-time password synchronization. 4. Password policy enforcer: Admins can configure custom password policies to enforce strong password creation. 5. Password expiration notifier: Admins can send end users password expiration notifications via SMS or email. 6. Directory self-update: Users can update their AD attribute information through the directory self-update feature. -
2
Beyond Identity
Beyond Identity
Beyond Identity is fundamentally changing the way the world logs in–eliminating passwords and all phishable factors to provide users with the most secure and frictionless authentication on the planet. Our invisible, passwordless MFA platform enables companies to secure access to applications and critical data, stop ransomware and account takeover attacks, meet compliance requirements, and dramatically improve the user experience and conversion rates. Our revolutionary zero-trust approach to authentication cryptographically binds the user’s identity to their device, and continuously analyzes hundreds of risk signals for risk-based authentication.Starting Price: $0/ User/ Month -
3
Securden Password Vault
Securden
Store, manage, and share passwords, files, SSH keys, and DevOps secrets among IT teams. Enforce password security best practices. Ensure compliance with industry standards using comprehensive audit trails. • Centralized repository for passwords, SSH keys, DevOps secrets, and sensitive files. • Enforce password security best practices like periodic password resets. • Generate and assign unique & strong passwords to IT assets. • Share resources with IT teams and collaborate seamlessly • Eliminate hard-coded credentials with API-based application password management. • Control ‘Who’ has access to ‘What’ with granular controls. • One-click remote access to IT assets through native apps & web-based sessions. • Track all privileged activities with comprehensive Audit trails. • Demonstrate compliance with industry standards using customized reports on privileged access. • Check for breached passwords through dark web monitoring. • Auto-fill credentials on websites. -
4
Managed Threat Complete brings comprehensive risk and threat coverage into a single subscription. Managed Detection and Response (MDR) Services & Solutions. Multiple advanced detection methods, including proprietary threat intelligence, behavioral analytics, Network Traffic Analysis, and human threat hunts find evil in your environment. Our team will instantly contain user and endpoint threats to cut off the attacker. Detailed findings reports guide you to take additional remediation and mitigation actions tailored to your program. Let our team be a force multiplier for you. Detection and response experts—from your security advisor to the SOC—help you strengthen your defenses, take immediate. Standing up an effective detection and response program isn’t as simple as buying and implementing the latest security products.Starting Price: $17 per asset per month
-
5
JumpCloud
JumpCloud
JumpCloud® delivers a unified open directory platform that makes it easy to securely manage identities, devices, and access across your organization. With JumpCloud, IT teams and MSPs enable users to work securely from anywhere and manage their Windows, Apple, Linux, and Android devices from a single platform. Everything in One Platform Grant users Secure, Frictionless Access™ to everything they need to do their work however they choose. Manage it all in one unified view. Cross-OS Device Management Manage Windows, macOS, Linux, iOS, iPad, and Android devices. One Identity for Everything Connect users to thousands of resources with one set of secure credentials. Comprehensive Security Enforce device policies, patches, MFA, and other security and compliance measures. Automated Workflows Connect to whatever resources you need, including Microsoft Active Directory, Google Workspace, HRIS platforms, and more.Starting Price: $9/user -
6
SentinelOne Singularity
SentinelOne
One intelligent platform. Unprecedented speed. Infinite scale. Singularity™ enables unfettered visibility, industry-leading detection, and autonomous response. Discover the power of AI-powered, enterprise-wide cybersecurity. The world’s leading enterprises use the Singularity platform to prevent, detect, and respond to cyber attacks at machine-speed, greater scale, and higher accuracy across endpoint, cloud, and identity. SentinelOne delivers cutting-edge security with this platform by offering protection against malware, exploits, and scripts. SentinelOne cloud-based platform has been perfected to be innovative compliant with security industry standards, and high-performance whether the work environment is Windows, Mac or Linux. Thanks to constant updating, threat hunting, and behavior AI, the platform is ready for any threat.Starting Price: $45 per user per year -
7
Arctic Wolf
Arctic Wolf Networks
Get better security effectiveness for your organization with the Arctic Wolf® Platform and Concierge Security® Team. Cybersecurity is a field that requires 24x7 vigilance and constant adaptation. Arctic Wolf’s cloud native platform and Concierge Security® Team delivers uniquely effective solutions. Spanning thousands of installations, the Arctic Wolf® Platform processes over 65 billion security events daily. The platform collects and enriches endpoint, network, and cloud telemetry, and then analyzes it with multiple detection engines. Machine learning and custom detection rules then deliver personalized protection for your organization. While other products have limited visibility, the vendor-neutral Arctic Wolf® Platform enables broad visibility and works seamlessly with existing technology stacks, making it easy to adopt while eliminating blind spots and vendor lock-in. -
8
Protect your users and business with seamless Account Takeover (ATO) prevention. Enzoic’s REST API integrates effortlessly into your login, account setup, and password reset workflows, providing real-time detection of compromised credentials from third-party breaches. This allows you to take immediate action, like requiring a password reset or enabling step-up authentication, to keep accounts secure. With Enzoic, you gain the benefits of proactive protection without disrupting the user experience. Our solution reduces fraud and unauthorized access by using a constantly updated database of billions of compromised credentials. Whether the threat is from a recent breach or an older one, Enzoic identifies unsafe credentials and neutralizes risks. Designed for flexibility and ease of use, Enzoic empowers your organization to stay ahead of account takeover threats while maintaining smooth operations.Starting Price: $0
-
9
Safepass.me
Safepass.me
Safepass.me is an offline Active Directory password filter designed to prevent the use of compromised passwords within organizations. It checks user-selected passwords against a database of over 550 million known compromised passwords, ensuring that weak or breached credentials are not utilized. The software operates entirely offline, eliminating the need to send password data to external servers, thereby enhancing security and compliance. Deployment is straightforward, with installation typically completed in under five minutes, requiring no client-side software. Safepass.me integrates seamlessly with existing password policies, offering features such as custom wordlists, fuzzy matching to detect variations of compromised passwords, and compatibility with Azure Active Directory and Office 365 environments. It supports additional Local Security Authority (LSA) protection modes and provides logging capabilities for integration.Starting Price: $1,200 per year -
10
Enzoic for Active Directory
Enzoic
Say goodbye to weak and compromised passwords with Enzoic for Active Directory—a simple, automated solution that keeps your organization secure without the hassle. Designed to work quietly in the background, Enzoic makes password protection effortless. - Effortless Security: Automatically screens and protects passwords 24/7. - Real-Time Breach Protection: Continuously updates to block passwords exposed in breaches. - Comprehensive Coverage: Secures entire credential sets, not just passwords. - User-Friendly Guidance: Blocks weak passwords like "123456" and helps users create safer ones. - Easy Compliance: Achieve NIST 800-63B compliance effortlessly. - Simple UX: Optional Windows client provides feedback without overwhelming IT teams. Backed by a cutting-edge database of billions of compromised passwords and updated daily, Enzoic ensures your organization stays ahead of security threats. Simplify security, protect your business, and empower your IT team with Enzoic.Starting Price: $0 -
11
nFront Password Filter
nFront
nFront Password Filter is a robust password policy enforcement tool for Windows Active Directory, designed to prevent the use of weak, easily hacked passwords. It allows administrators to create and enforce up to 10 different granular password policies within a single Windows domain, each applicable to specific security groups or organizational units. Key features include the ability to set minimum and maximum limits on specific character types, dictionary blacklisting, checking against breached passwords (it can check against 847 million breached passwords in 60 milliseconds), etc. The software also supports length-based password aging, incentivizing users to create longer, more secure passwords by allowing extended validity periods for longer passwords. Additionally, nFront Password Filter can check proposed passwords against a database of compromised passwords, enhancing security by preventing the reuse of breached credentials. -
12
VeriClouds
VeriClouds
VeriClouds CredVerify is the only service designed to detect, verify and remediate the use of weak or stolen credentials throughout the entire user lifecycle, from registration to authentication and password reset. It takes seconds to detect, offers immediate response, and has over 90% coverage. Rest assured you will be protected by the highest standards in security, and know that part of VeriClouds’ service policy is hard dedication in complying with key security points. Automates the detection of unauthorized login attempts and integrates with real-time policy enforcement measures. Significantly minimizes the threat from the number one cause of data breaches, a weak or stolen password. Reduces the likelihood of an account takeover or credential stuffing attack from being successful. CredVerify can be consumed as a service in the VeriClouds cloud, or it can be deployed in a customer’s cloud environment with just a few lines of code. -
13
Specops Password Auditor
Specops Software
Authentication and password security is more important than ever. Our password audit tool scans your Active Directory and identifies password-related vulnerabilities. The collected information generates multiple interactive reports containing user and password policy information. Specops Password Auditor is a read-only program, and available for free download. Analyze your domain password policies, and fine-grained password policies, to see if they enable users to create secure passwords. Generate reports to identify accounts with password vulnerabilities, including expired passwords, identical passwords, blank passwords, and more. In addition to these insights, Specops Password Auditor allows you to measure the effectiveness of your policies against a brute-force attack. For a complete list of the password reports, see the product overview.Starting Price: Free -
14
Specops Password Policy
Specops Software
Get serious about password security. Enforce compliance requirements, block compromised passwords, and help users create stronger passwords in Active Directory with dynamic, informative client feedback. Specops Password Policy extends the functionality of Group Policy, and simplifies the management of fine-grained password policies. The solution can target any GPO level, group, user, or computer with dictionary and passphrase settings. Need a comprehensive list of vulnerable passwords to prevent dictionary attacks? Our password policy tool gives you many options. You can use a password dictionary, a file containing commonly used and/or compromised passwords, to prevent users from creating passwords susceptible to dictionary attacks. During a password change in Active Directory, the password check rejects any passwords found in the dictionary. Create a custom dictionary containing potential passwords relevant to your organization, including company name, location, services, and more. -
15
Netwrix Password Policy Enforcer
Netwrix
Frustrate hackers, satisfy auditors and delight users with password policy enforcer from Netwrix. Leaked and weak passwords remain a gaping hole in IT networks, making it far too easy for attackers to gain the foothold they need to steal sensitive data, damage systems and unleash ransomware. Unfortunately, native Windows tools often cannot deliver the detailed configurations and rules required for modern password policies, leaving IT teams struggling to keep up with the changing threat landscape and evolving compliance requirements. Meanwhile, user productivity suffers and IT helpdesks are swamped as users grapple with unclear requirements for new passwords. Learn how Netwrix Password Policy Enforcer can help you achieve truly effective password enforcement without all the hassles. -
16
Falcon Identity Threat Detection
CrowdStrike
Falcon Identity Threat Detection lets you see all Service and Privileged accounts on your network and cloud with full credential profiles and weak authentication discovery across every domain. Analyze every domain in your organization for potential vulnerability from stale credentials, and weak or stale passwords, see all service connections and weak authentication protocols in use. Falcon Identity Threat Detection monitors the domain controllers on-premises or in the cloud (via API) to see all authentication traffic. It creates a baseline for all entities and compares behavior against unusual lateral movement, Golden Ticket attacks, Mimikatz traffic patterns and other related threats. It can help you see Escalation of Privilege and anomalous Service Account activity. Falcon Identity Threat Detection reduces the time to detect by viewing live authentication traffic, which expedites finding and resolving incidents. -
17
Intelligent Threat Detection. Faster Response. 98% of all threats start with Active Directory and nearly always involve the compromise of data stored on enterprise data stores. Our unique combination of detailed auditing, anomaly detection, real time alerting, and real time data discovery and classification allows you to identify, prioritize and investigate threats - fast. Protect Sensitive Data from Rogue Users and Compromised User Accounts. We enable you to detect and investigate threats to your most sensitive data in ways no other vendor can. Bringing together data discovery and classification with threat detection enables you to investigate all events, changes, actions and anomalies with context. End to end visibility of Active Directory, Group Policy, File Servers, Office 365, NetApp, SharePoint, Box, Dropbox and more. Detect and Respond to Security Threats 10x Faster. Investigate threats as they emerge in Active Directory and track movement
-
18
Traced Security
Traced Security
SaaS platforms are increasingly targeted by cybercriminals, resulting in severe data breaches. Understanding and mitigating these threats is essential for maintaining security. Complex SaaS environments obscure security threats. Achieving full visibility is crucial for identifying and addressing potential vulnerabilities effectively. Inadequate SaaS security can lead to non-compliance with regulations. Ensuring compliance is vital to avoid penalties and maintain trust. Weak data governance in SaaS can result in unauthorized access and data loss. Robust data protection measures are necessary to secure sensitive information. Achieve comprehensive insights, user behavior, data exposure, SaaS risks, and compliance with Cybenta AI. Enhance your SaaS security by prioritizing and addressing vulnerabilities with AI-driven analytics and automated remediation. Streamline the management and governance of apps and identities through automation and orchestration. -
19
Baits
MokN
Baits is an innovative deception-based security solution designed to detect and neutralize credential theft before attackers can exploit stolen identities. By deploying realistic decoy authentication portals (e.g., VPN SSL, webmail), Baits tricks attackers into revealing compromised credentials, providing organizations with real-time threat intelligence and enabling them to act before a breach occurs. Unlike traditional monitoring solutions, Baits intercepts credentials that aren’t found on the dark web, as attackers often use them directly. The platform integrates seamlessly into security operations, helping organizations detect, track, and neutralize credential-based threats. Baits is ideal for enterprises looking to enhance proactive threat detection, strengthen identity security, and stay ahead of attackers. -
20
Quest Security Guardian
Quest
Quest Security Guardian is an Active Directory (AD) security tool designed to enhance identity threat detection and response and improve your AD security posture. Operating from a streamlined, unified workspace, it alleviates alert fatigue by prioritizing vulnerabilities and configurations, making it easier to maximize hybrid AD security. Powered by Azure AI and deep machine learning, and seamlessly integrated with Microsoft Security Copilot, Security Guardian quickly identifies what happened, if you're exposed, and how to remediate. It allows you to benchmark your AD and Entra ID configurations against industry best practices, lock down critical objects such as Group Policy Objects (GPOs) from misconfiguration and compromise, and continuously monitor for anomalous user activities and emerging hacker tactics. By leveraging cross-product AI insights from Microsoft Security Copilot, it simplifies and accelerates threat detection and response. -
21
QOMPLX
QOMPLX
QOMPLX Identity Threat Detection and Response (ITDR) continuously validates to prevent network takeovers. QOMPLX ITDR uncovers existing Active Directory (AD) misconfigurations and detects attacks in real time. Identity security is essential to network operations. Verify identity in real-time. We verify everyone to prevent privilege escalation and lateral movement. We integrate with your current security stack and use it to augment our analytics resulting in comprehensive visibility. Understand the priority and severity of threats so resources can spend time where it matters most. Real-time detection and prevention stop attackers from bypassing security measures. From Active Directory (AD) security to red teaming and more, our experts are here to support your needs. QOMPLX enables clients to holistically manage and reduce cybersecurity risks. Our analysts will implement our SaaS solutions and monitor your environment. -
22
AuthMind
AuthMind
Prevent your next identity-related cyberattack with the AuthMind platform. It works anywhere and deploys in minutes. As we use a growing number of applications and systems, spanning different environments (cloud, SaaS apps, on-premises, etc.), it’s clear that keeping them secure is more challenging than ever. Traditional security tools are prone to misconfiguration and human error that often leave the organization exposed to risk. The answer is to look beyond an organization’s identity infrastructure. AuthMind is the only ITDR solution that provides you with end-to-end visibility into user activity across the integrated application landscape. By continuously mapping all access flows across all applications, AuthMind uniquely detects and remediates previously hidden security gaps such as shadow access, exposed assets, compromised identities, unknown SaaS apps, shadow accesses, lack of MFA, and much more. AuthMind works in any cloud or network. -
23
Specops Password Sync
Specops Software
Streamline passwords for users with just one password across multiple business systems. Specops Password Sync instantly synchronizes Active Directory passwords to domains, or other systems. This includes domains in the same forest/other forests, on-premises systems (e.g. Kerberos), and SaaS targets (e.g. O365). The tool enhances security by ensuring that password complexity applies to all systems consistently. Specops Password Sync effectively extends Active Directory password security to other business systems, including external SaaS resources. When combined with a strong password policy, the product ensures that the same level of password complexity applies to all connected systems. Built on Active Directory, the tool captures and synchronizes all changes to a user’s password in accordance with the synchronization rules defined in Group Policy. The solution can be setup in just a few hours by configuring the local Active Directory. -
24
GateKeeper Password Manager
Untethered Labs, Inc.
Proximity-based passwordless login to PCs, Macs, websites, and desktop applications. Hands-free, wireless 2FA and password manager through active proximity-detection. IT admins can dynamically allow users to log in to their computers and websites with a physical key either automatically, by touch, by pressing Enter, or with a PIN. Seamlessly login, switch users, switch computers, and logout without passwords, touch, or trouble - just a key. Once a user walks away, the computer will lock, blocking access to the computer and web passwords. With continuous authentication, users are always being checked to ensure that they require access. No more typing passwords. Admins and compliance can now automate password security from a central admin console: enforce stronger passwords, enforce 2FA, and give employees the power of password-free login without interrupting workflow. Reduce helpdesk tickets related to forgotten passwords/password resets. Login and auto-lock with presence-detection.Starting Price: $3/user/month -
25
GateKeeper Enterprise
Untethered Labs, Inc.
Passwordless, proximity login to PCs, Macs, websites, and desktop applications. Hands-free, wireless 2FA and password manager through active proximity-detection. IT admins can dynamically allow users to log in to their computers and websites with a physical key either automatically, by touch, by pressing Enter, or with a PIN. Seamlessly login, switch users, switch computers, and logout without passwords, touch, or trouble - just a key. Once a user walks away, the computer will lock, blocking access to the computer and web passwords. With continuous authentication, users are always being checked to ensure that they require access. No more typing passwords. Admins and compliance can now automate password security from a central admin console: enforce stronger passwords, enforce 2FA, and give employees the power of password-free login without interrupting workflow. Reduce helpdesk tickets related to forgotten passwords/password resets. Login and auto-lock with proximity.Starting Price: $3/user/month -
26
Password Manager Pro is a secure vault for storing and managing shared sensitive information such as passwords, documents and digital identities of enterprises. The benefits of deploying Password Manager Pro include: Eliminating password fatigue and security lapses by deploying a secure, centralized vault for password storage and access. Improving IT productivity many times by automating frequent password changes required in critical systems. Providing preventive & detective security controls through approval workflows & real-time alerts on password access. Meeting security audits and regulatory compliance such as SOX, HIPAA and PCI. Video record & audit all privileged access, and get a complete record of all actions. Control access to IT resources and applications based on roles and job responsibilities. Launch direct connection to remote IT resources, websites and applications.Starting Price: $495 per year
-
27
Sysgem Password Management
Sysgem
Effective tools for optimising day-to-day password management for end-users - ensuring corporate and regulatory security compliance and freeing up your helpdesk. There are three components of Sysgem Self-Service Password Reset that are to be installed. The central service should typically reside on the domain controller; the web enrolment system can be installed on any IIS server in the domain; and the workstation component should be installed on all end-user workstations to allow users to reset their password on demand. The Domain Controller runs a Windows Service which carries out the operation of resetting passwords for end-users. It also holds a database of questions and answers, which are created by the end-users themselves, and subsequently used to verify the authenticity of the person wishing to reset their own password. -
28
Bravura Pass
Bravura Security
Bravura Pass is an integrated solution for managing credentials across systems and applications. It simplifies the management of passwords, tokens, smart cards, security questions and biometrics. Bravura Pass lowers IT support cost and improves the security of login processes. Bravura Pass includes password synchronization, self-service password and PIN reset, strong authentication, federated access, enrollment of security questions and biometrics and self-service unlock of encrypted drives. Users may also have smart cards or tokens that users unlock with a PIN (which they will occasionally forget). They may also use security questions in some contexts or a password to unlock an encrypted drive on their PC. Some users use biometrics, such as finger prints, voice prints or face recognition to sign into systems or applications. Users may experience login problems with any of these credentials. -
29
DDP Mobile Edition
Dell
Today employees, partners and vendors alike work any time, anywhere, using any device to download and share files. Personally owned smartphones and tablets, like desktops and laptops, have become a standard work tool. Accordingly, most organizations are embracing the bring your own device movement, recognizing it helps to both reduce equipment costs and increase productivity. But without proper encryption and password enforcement, data accessed on mobile devices, whether from a corporate server or a public cloud, is unprotected. If the device is lost or stolen, or if data is accessed through an open wireless hotspot, it could be hijacked, putting companies in jeopardy of a security breach and compliance violations. IT teams are struggling to strike a balance between protecting data and impeding worker productivity by restricting data access. Dell Data Protection | Mobile Edition helps to put IT back in control of data security by enabling you to protect data. -
30
Zoho Directory
Zoho
Zoho Directory is a cloud-based identity and access management platform designed to streamline authentication, authorization, and user management for organizations. It offers Single Sign-On (SSO) capabilities, allowing employees to access multiple applications with a single set of credentials, thereby enhancing security and user convenience. The platform supports Multi-Factor Authentication (MFA), adding an extra layer of protection against unauthorized access. Device authentication ensures secure access to both applications and devices, enabling employees to use the same credentials across platforms. Zoho Directory also provides robust provisioning features, allowing IT administrators to create and manage user profiles across various applications directly from the platform, reducing the time spent on repetitive tasks. Integration with existing directories, such as Microsoft Active Directory and Azure AD, is facilitated through directory stores.Starting Price: $1.70/user/month -
31
FYEO
FYEO
FYEO secures enterprises and individuals from cyber attacks with security audits, real-time threat monitoring and intelligence, anti-phishing solutions and decentralized identity management. End-to-end blockchain security services and auditing for Web3. Protect your organization and employees from cyberattacks with FYEO Domain Intelligence. Decentralized password management and identity monitoring services made simple. End user breach and phishing alert system. Uncover vulnerabilities and protect both your application and your users. Identify and address cyber risks across a company before you take on the liability. Protect your company from ransomware, malware, insider threats, and more. Our team works collaboratively with your development team to identify potentially critical vulnerabilities before they can be exploited by a malicious actor. FYEO Domain Intelligence delivers real-time cyber threat monitoring and intelligence to help secure your organization. -
32
Intercede MyID
Intercede
MyID® credential management software enables governments and large enterprises to issue and manage digital identities using the most secure method of multi-factor authentication to citizens, large workforces and supply-chains. Today, MyID enables the strong authentication of millions of people to the data, systems and networks they need access to. For those responsible for information security, MyID provides easy integration and control over digital identity issuance and management. For end users, whether citizens or employees, MyID enables seamless, secure access to company systems, networks and resources using multi-factor authentication via a variety of devices. Faced with ever increasing threats of cyber terrorism, identity fraud and crime, MyID® provides a cyber secure credential management software solution. Where data really matters, you will find MyID. The security, reliability and interoperability of MyID software sets it apart. -
33
ManageEngine AD360
Zoho
AD360 is an integrated identity and access management (IAM) solution for managing user identities, governing access to resources, enforcing security, and ensuring compliance. From user provisioning, self-service password management, and Active Directory change monitoring, to single sign-on (SSO) for enterprise applications, AD360 helps you perform all your IAM tasks with a simple, easy-to-use interface. AD360 provides all these functionalities for Windows Active Directory, Exchange Servers, and Office 365. With AD360, you can just choose the modules you need and start addressing IAM challenges across on-premises, cloud, and hybrid environments from within a single console. Easily provision, modify, and deprovision accounts and mailboxes for multiple users at once across AD, Exchange servers, Office 365 services, and G Suite from a single console. Use customizable user creation templates and import data from CSV to bulk provision user accounts.Starting Price: $595.00 / year -
34
SlashID
SlashID
Identity is the most common vector for lateral movement and data breaches. SlashID helps you build a secure, compliant, and scalable identity infrastructure. Manage the creation, rotation and deletion of identities and secrets in a single place. Complete inventory of all your identities and secrets, multi-cloud. Detect initial access, privilege escalation, and lateral movement across your IdPs and cloud environments. Add authentication, authorization, conditional access, and tokenization to your services. Detect leaked key materials in real-time and prevent data breaches by rotating them. Automatically block, suspend, rotate or enforce MFA on a detection to reduce the impact of an attack. Add MFA and conditional access to your applications. Add authentication, authorization, credential tokenization, and conditional access to your APIs and workloads. -
35
RapidIdentity
Identity Automation
Identity Automation delivers the most scalable, full-lifecycle identity, access, governance, and administration solution. As the company's flagship product, RapidIdentity helps organizations increase business agility, embrace security, and deliver an enhanced user experience. For organizations looking to streamline security, reduce risk from network and data breaches, and lessen IT costs, use RapidIdentity today! -
36
BloodHound Enterprise
BloodHound Enterprise
The problem of attack path management requires a fundamentally different, unique methodology designed to help organizations understand, empirically quantify the impact, and eliminate identity-based attack path risks. Enterprise networks, user privileges, application permissions, and security group memberships are dynamic. Consider that in every system a privileged user logs into they leave behind tokens and credentials for adversaries to obtain. Because the connections and behaviors that form attack paths are continuously changing, the attack paths themselves must also be continuously mapped. The haphazard elimination efforts of AD misconfigurations provide zero security posture improvement and negatively impact team productivity. However, if you can empirically identify the specific misconfigurations that allow you to eliminate the largest number of attack paths you can generate meaningful security posture improvement and increase your team’s productivity. -
37
IBM’s identity threat detection and response and identity security posture management solution provide you with end-to-end visibility into user activity across the hybrid landscape of siloed IAM tools used across cloud, SaaS, and on-prem applications. IBM Verify Identity Protection provides the ISPM and ITDR functionality to keep your organization safe. Easily deployed without any agents or clients and designed to work in any cloud or network, IBM Verify Identity Protection extends your existing cybersecurity solutions by analyzing and delivering actionable identity risk information that is critical for your security operations. Detects and enables remediation of identity-related blind spots such as shadow assets, unauthorized local accounts, missing multi-factor authentication, and usage of unauthorized SaaS apps across any cloud or platform. Detect vulnerable misconfigurations caused by human error, hazardous deviations from policy, and inadequate implementations of identity tools.
-
38
Microsoft Entra ID Protection
Microsoft
Microsoft Entra ID Protection uses advanced machine learning to identify sign-in risks and unusual user behavior to block, challenge, limit, or allow access. Extend risk-based adaptive access policies to help protect against malicious actors. Safeguard sensitive access with high-assurance authentication methods. Export intelligence back into any Microsoft or other security information and event management (SIEM) and extended detection and response (XDR) tools for further investigation. Elevate your identity security with a comprehensive snapshot of prevented identity attacks and common attack patterns in an easily digestible dashboard. Secure access for any identity, from anywhere, to any resource across the cloud and on-premises. -
39
Veza
Veza
Data is being reconstructed for the cloud. Identity has taken a new definition beyond just humans, extending to service accounts and principals. Authorization is the truest form of identity. The multi-cloud world requires a novel, dynamic approach to secure enterprise data. Only Veza can give you a comprehensive view of authorization across your identity-to-data relationships. Veza is a cloud-native, agentless platform, and introduces no risk to your data or its availability. We make it easy for you to manage authorization across your entire cloud ecosystem so you can empower your users to share data securely. Veza supports the most common critical systems from day one — unstructured data systems, structured data systems, data lakes, cloud IAM, and apps — and makes it possible for you to bring your own custom apps by leveraging Veza’s Open Authorization API. -
40
Bravura Safe
Bravura Security
Bravura Safe is a zero-knowledge secret and passwords manager that centrally, consistently, and securely manages decentralized passwords, and secrets so your employees don't have to. It complements core password management solutions that organizations already use. Bravura Safe leverages two decades of Bravura Security’s enterprise cybersecurity solutions. Employees can securely send time-bound passwords for new accounts, encryption keys for files, or entire files without them being leaked or intercepted, and with only one password to their Bravura Safe to remember. The recent rising threat of organizational insiders being paid to help in cyberattacks combined with notoriously bad secret and password hygiene at an individual level is a cause for cybersecurity leaders to be concerned. While IT teams have focused on implementing strong SSO, password management, identity and even privileged access management solutions, the work-from-home world has caused shadow IT to explode. -
41
OAuth
OAuth.io
Focus on your core app and get to market faster. OAuth.io handles identity infrastructure, maintenance, and security overhead, so your team doesn’t have to. Identity can be difficult, OAuth.io makes it easy. Choose identity providers, add custom attributes, customize your login page or use our widget, integrate with your app - identity solved in minutes. Manage your users from our easy to use dashboard - find and manage users, reset passwords, enforce two-factor authentication, and add memberships and permissions through OAuth.io's simple and easy to use User Management. Fully-featured, hyper-secure user authentication using passwords or tokens. From multi-tenant to complex permissions, OAuth.io has your user authorization modeling covered. Force a second factor of user authentication with our popular integrations.Starting Price: $19 per month -
42
Stytch
Stytch
The authentication platform for developers. Onboard, authenticate, and engage your users with Stytch’s APIs. Improve security and user experience with flexible, passwordless authentication solutions. Let us build the infrastructure, so you can focus on your product. Our SDKs offer flexible templates that can be tailored to your colors, fonts, and logo, so you can easily create seamless onboarding and authentication experiences that delight users and complement your brand—without the trouble of building UI from the ground up. For even more control over your user experience, choose our direct API integration, which considers both developer and user experience to ensure fast, safe, and easy passwordless authentication flows. We make the integration quick and painless, with clear and comprehensive documentation. -
43
Verosint
Verosint
Verosint's Threat Detection, Investigation and Response platform provides real-time, intelligent ITDR for both workforce and customer identities. -Fastest MTTD & MTTR: Detect and respond to Identity based threats faster than anyone else in the industry -Detect Advanced Threats: Spot session hijacking, credential stuffing, account takeovers and more -Investigate Efficiently: Our customers say investigating incidents has gone from days to minutes with our AI Insights, unparalleled visibility and intelligence -Remediate Quickly: Automatically resolve identity threats with our integrated remediation playbooks -Easy to Deploy: Deploys in 60 minutes or lessStarting Price: $1/user/month -
44
Netwrix GroupID
Netwrix
The user accounts and groups in your Active Directory and Microsoft Entra ID (formerly Azure AD) provide access to your sensitive data and systems. But trying to manage groups and users manually is a huge burden on your precious IT resources and often leads to errors that create security vulnerabilities. Netwrix GroupID automates and delegates group and user management to ensure your directories remain current, empowering you to enhance security while increasing IT productivity. Create queries that dynamically determine group membership based on users’ current attributes. In addition, ensure any attribute change to a parent group is automatically reflected in its child groups. Automatically provision and deprovision user accounts by syncing data from an authoritative source such as your HRIS platform. Sync changes to groups and users across identity stores in near real time — without any third-party connector. -
45
Darktrace
Darktrace
Darktrace is a cybersecurity platform powered by AI, providing a proactive approach to cyber resilience. Its ActiveAI Security Platform delivers real-time threat detection, autonomous responses to both known and novel threats, and comprehensive visibility into an organization’s security posture. By ingesting enterprise data from native and third-party sources, Darktrace correlates security incidents across business operations and detects previously unseen threats. This complete visibility and automation reduce containment time, eliminate alert fatigue, and significantly enhance the efficiency of security operations. -
46
ClearVector
ClearVector
ClearVector is an identity-driven security platform designed to provide real-time detection, investigation, and containment of threats across cloud-native environments. It offers instant notifications of risky activity with the ability to stop and isolate incidents with a single click, enabling rapid decision-making and accountability. ClearVector allows users to investigate incidents by identifying who made changes and why, applying existing incident response knowledge to AWS or GCP environments. ClearVector extends its identity-driven security framework into AWS S3 buckets through its bucket intelligence capability, offering real-time identity attribution for all bucket operations, detailed metrics, and rapid detection of suspicious activities. It also supports deployment directly within AWS environments via ClearVector Private SaaS, ensuring complete data isolation and compliance with data sovereignty requirements.Starting Price: $500 per month -
47
Proofpoint Identity Threat Defense
Proofpoint
In an ever-changing hybrid world, your organization depends on its employees, their virtual identities, and the endpoints they operate on to build and protect its assets. Threat actors have found unique ways to move laterally across your cloud environments by exploiting such identities. You need an innovative and agentless identity threat detection and response solution to discover and remediate modern identity vulnerabilities—a key part of today’s attack chain. Proofpoint Identity Threat Defense, previously Illusive, gives you comprehensive prevention and visibility across all your identities so you can remediate identity vulnerabilities before they become real risks. You can also detect any lateral movements in your environments and activate deception to ensure threat actors are stopped in action before they gain access to your corporate assets. It doesn’t get better than knowing you can prevent modern identity risks and stop real-time identity threats in action, all in one place. -
48
Authomize
Authomize
Authomize continuously detects all effective relationships between both human and machine identities to company assets throughout all your organization’s environments (IaaS, PaaS, SaaS, Data, On-prem), down to the most granular company asset and normalized consistently across apps. Authomize offers a continuously updated inventory of your identities, assets and access policies, blocking unintended access with guardrails and alerting on anomalies and various risks. Authomize’s AI-driven engine harnesses its comprehensive and granular visibility over all of an organization’s environments to construct an optimal set of access policies for any identity-asset relationship. This SmartGroup technology performs continuous access modeling, self-correcting as it incorporates new inputs such as actual usage, activities and decisions you take to create an optimal and accurate permission structure. -
49
Plurilock AI Cloud
Plurilock Security
Plurilock AI Cloud is a cloud-native single sign-on (SSO), passwordless (FIDO2/webauthn), and cloud access security broker (CASB) platform designed specifically for cloud-centric companies relying on an army of SaaS applications to succeed. With Plurilock AI Cloud, companies enable their employees to sign on once to access all of their applications, and gain extensive, granular control over application and workflow access by device, location, time of day, software versions, groups, and organizational units. Plurilock AI Cloud is part of the Plurilock AI platform, which grows as companies do, with simple expansion paths to full, endpoint-based DLP, and then to true continuous, real-time authentication and user/entity behavior analytics (UEBA) for real-time biometric identity threat detection and response (ITDR). Plurilock AI Cloud is rated top in the industry in customer satisfaction, based on the feedback of actual customers.Starting Price: $12/user/year -
50
Silverfort
Silverfort
Silverfort’s Unified Identity Protection Platform is the first to consolidate security controls across corporate networks and cloud environments to block identity-based attacks. Using innovative agentless and proxyless technology, Silverfort seamlessly integrates with all existing IAM solutions (e.g., AD, RADIUS, Azure AD, Okta, Ping, AWS IAM), extending coverage to assets that could not previously have been protected, such as legacy applications, IT infrastructure, file systems, command-line tools, and machine-to-machine access. Our platform continuously monitors all access of users and service accounts across both cloud and on-premise environments, analyzes risk in real time, and enforces adaptive authentication and access policies.