Alternatives to Cedar
Compare Cedar alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Cedar in 2026. Compare features, ratings, user reviews, pricing, and more from Cedar competitors and alternatives in order to make an informed decision for your business.
-
1
Amazon Verified Permissions
Amazon
Amazon Verified Permissions is a fully managed authorization service that uses the provably correct Cedar policy language, so you can build more secure applications. With Verified Permissions, developers can build applications faster by externalizing authorization and centralizing policy management. They can also align authorization within the application with Zero Trust principles. Security and audit teams can better analyze and audit who has access to what within applications. Accelerate application development by decoupling authorization from business logic. Protect application resources and manage user access to the principle of least privilege. Amazon Verified Permissions is a fully managed, Cedar-compatible permissions management and fine-grained authorization service for the applications that you build. Using Cedar, an expressive, performant, and analyzable open source policy language, developers and admins can define policy-based access controls.Starting Price: $0.00015 per request -
2
Permify
Permify
Permify is an authorization service designed to help developers build and manage fine-grained, scalable access control systems within their applications. Inspired by Google's Zanzibar, Permify enables the structuring of authorization models, storage of authorization data in preferred databases, and interaction with its API to handle authorization queries across various applications and services. It supports multiple access control models, including Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC), allowing for the creation of granular permissions and policies. Permify centralized authorization logic, abstracting it from the codebase to facilitate easier reasoning, testing, and debugging. It offers flexible policy storage options and provides a role manager to handle RBAC role hierarchies. The platform also supports filtered policy management for efficient enforcement in large, multi-tenant environments.Starting Price: Free -
3
Aserto
Aserto
Aserto helps developers build secure applications. It makes it easy to add fine-grained, policy-based, real-time access control to your applications and APIs. Aserto handles all the heavy lifting required to achieve secure, scalable, high-performance access management. It offers blazing-fast authorization of a local library coupled with a centralized control plane for managing policies, user attributes, relationship data, and decision logs. And it comes with everything you need to implement RBAC or fine-grained authorization models, such as ABAC, and ReBAC. Take a look at our open-source projects: - Topaz.sh: a standalone authorizer you can deploy in your environment to add fine-grained access control to your applications. Topaz lets you combine OPA policies with Zanzibar’s data model for complete flexibility. - OpenPolicyContainers.com (OPCR) secures OPA policies across the lifecycle by adding the ability to tag, verStarting Price: $0 -
4
Permit.io
Permit.io
Full Stack Permissions as a service. Check authorization as done, focus on your core product. Use the right tool for the right task. Use the right language for the right policy. Say no to Lock-in. Mix and match the policy engines you need. Permit.io supports OPA's Rego and now adds AWS' Cedar, and Amazon Verified Permissions. Generate Policy as code directly into Git, and deploy in realtime into the agent in your app. Makes granting permissions as easy as checking a box. Manage and edit your policies with in seconds instead of days. Work with a simple UI, API, or directly with Rego code. Enable multi-tenancy, RBAC, ABAC, ReBAC, and more with a single streamlined interface. Provide low-code/no-code interfaces for non-technical users. Ensure future requirements are met with policy as code. Get Git Ops support out-of-the-box. -
5
OpenFGA
The Linux Foundation
OpenFGA is an open source authorization solution that enables developers to implement fine-grained access control using a user-friendly modeling language and APIs. Inspired by Google's Zanzibar paper, it supports various access control models, including Relationship-Based Access Control (ReBAC), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC). OpenFGA offers SDKs for multiple programming languages, such as Java, .NET, JavaScript, Go, and Python, facilitating seamless integration into diverse applications. The platform is designed for high performance, capable of processing authorization checks in milliseconds, making it suitable for projects ranging from small startups to large enterprises. Operating under the Cloud Native Computing Foundation (CNCF) as a sandbox project, OpenFGA emphasizes transparency and community collaboration, inviting contributions to its development and governance.Starting Price: Free -
6
Blue Cedar
Blue Cedar
Easily modify mobile apps to meet security needs without developer assistance. Execute streamlined mobile app deployments. Manage zero-trust network access (ZTNA) controls for mobile apps and devices. Reduce lead time with workflows that orchestrate fragmented deployments efforts, coordinate technologies, and enhance cross-team collaboration. Easily address your unique deployment needs with our workflow builder, deployment and enhancement services, and integrations with popular technologies. Use visualizations of analyzed workflow data to optimize future deployments. The Blue Cedar platform is used by leaders in finance, insurance, healthcare, government, energy, and other industries. Request a demo today to find out how Blue Cedar can help you streamline mobile app deployments. Add new functionality to mobile apps without coding. Orchestrate any sequence of deployment tasks. Enable zero-trust access from any mobile app on any device. -
7
Manages users, groups and roles. Authentication, delegation, authorization and auditing. Role-based access control, entitlements and time-based access rules. Manages access control policies for Web, Java and CORBA® resources. Manages access control policies for fine-grain application data and/or features. Central administration with flexible deployment options. Features specifically designed to aid in meeting privacy legislation. Supports integration with existing security infrastructure. Provides foundation for orb2 for Java Security Services.
-
8
Cloudentity
Cloudentity
Cloudentity increases development velocity, audit efficiency and risk mitigation by advancing fine-grained authorization policy management and delivering continuous, transaction-level enforcement across hybrid, multi-cloud and microservice environments. Externalize authorization management that empowers developers to efficiently create policy-as-code, provision standardized controls, and invoke contextual access and data exchange enforcement as close to the service as possible. Accelerate application delivery by expediting security validation with full data lineage for audit, forensics and compliance. Cloudentity provides dynamic authorization governance that delivers policy automation and adaptive control ensuring Zero Trust between users, apps, services and data. Automate app, service and API inventory, authorization policy standardization, and declarative authorization provisioning to streamline release security verification. -
9
Casbin
Casbin
Casbin is an open-source authorization library that supports various access control models, including Access Control Lists (ACL), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC). It is implemented in multiple programming languages such as Golang, Java, C/C++, Node.js, JavaScript, PHP, Laravel, Python, .NET (C#), Delphi, Rust, Ruby, Swift (Objective-C), Lua (OpenResty), Dart (Flutter), and Elixir, providing a consistent API across different platforms. Casbin abstracts access control models into configuration files based on the PERM metamodel, allowing developers to switch or upgrade authorization mechanisms by simply modifying configurations. It offers flexible policy storage options, supporting various databases like MySQL, PostgreSQL, Oracle, MongoDB, Redis, and AWS S3. The library also features a role manager to handle RBAC role hierarchies and supports filtered policy management for efficient enforcement.Starting Price: Free -
10
PingDataGovernance
Ping Identity
Digital transactions and data are exploding, but authorization logic is scattered across your enterprise. Updating, auditing and managing that logic can be tedious or even impossible. PingDataGovernance provides centralized authorization policies that can evaluate identity attributes, entitlements, consents, the requesting app or other contextual information to authorize critical actions and the retrieval of high-value data. You’ll have the agility to react instantly without sacrificing security or regulatory compliance. Anyone can update policies in minutes with a simple drag-and-drop UI. And you can choose which teams it’s most appropriate to give access to so they can manage policies—or any portion of them. Unlike traditional role-based access control (RBAC), dynamic authorization assembles key contextual data attributes and evaluates the validity of access requests in real time. This lets you centrally enforce policies to comply with regulatory requirements. -
11
UNIT-e
Education Software Solutions Ltd.
UNIT-e puts the power of your education management solutions firmly into the hands of your students, staff and senior leaders. By removing data silos and creating a single source of truth spanning the full student journey, UNIT-e education management solutions help data-driven further and higher education providers respond to challenges in the sector, faster. Looking for the best education management solutions? Contact one of our expert sales team to talk through how our products and services can help. Bring together your college community with CEDAR, an easy-to-use engagement tool, accessible across any device, that allows students, parents and staff to access a data rich view of individual's progress, attendance, performance and more. Bring together your college community with CEDAR, an easy-to-use engagement tool, accessible across any device, that allows students, parents and staff to access a data rich view of individual's progress, attendance, performance and more. -
12
TrustLogix
TrustLogix
The TrustLogix Cloud Data Security Platform breaks down silos between data owners, security owners, and data consumers with simplified data access management and compliance. Discover cloud data access issues and risks in 30 minutes or less, without requiring visibility to the data itself. Deploy fine-grained attribute-based access control (ABAC) and role-based access control (RBAC) policies and centrally manage your data security posture across all clouds and data platforms. TrustLogix continuously monitors and alerts for new risks and non-compliance such as suspicious activity, over-privileged accounts, ghost accounts, and new dark data or data sprawl, thus empowering you to respond quickly and decisively to address them. Additionally, alerts can be reported to SIEM and other GRC systems. -
13
NextLabs
NextLabs
NextLabs CloudAz is a zero trust policy platform that enforces security policies consistently across the enterprise and beyond. It’s powered by a patented dynamic authorization policy engine and is the backbone of NextLabs’ Data Centric Security Suite consisting of Entitlement Management, Data Access Security, and Digital Rights Management (DRM) products. CloudAz integrates automated data classification, attribute-based access control (ABAC), data masking & segregation, digital rights (DRM) protection, and audit capabilities into one powerful platform that enables you to better align policies with rapidly changing business requirements while keeping up with the increasing cybersecurity challenge. The platform can be delivered either on-premises or in the cloud. -
14
Fine-grained access control and visibility for centrally managing cloud resources. Identity and Access Management (IAM) lets administrators authorize who can take action on specific resources, giving you full control and visibility to manage Google Cloud resources centrally. For enterprises with complex organizational structures, hundreds of workgroups, and many projects, IAM provides a unified view into security policy across your entire organization, with built-in auditing to ease compliance processes. We recognize that an organization’s internal structure and policies can get complex fast. Projects, workgroups, and managing who has authorization to do what all change dynamically. IAM is designed with simplicity in mind: a clean, universal interface lets you manage access control across all Google Cloud resources consistently. So you learn it once, then apply everywhere.
-
15
Apache Groovy
The Apache Software Foundation
Apache Groovy is a powerful, optionally typed and dynamic language, with static-typing and static compilation capabilities, for the Java platform aimed at improving developer productivity thanks to a concise, familiar and easy to learn syntax. It integrates smoothly with any Java program, and immediately delivers to your application powerful features, including scripting capabilities, Domain-Specific Language authoring, runtime and compile-time meta-programming and functional programming. Concise, readable and expressive syntax, easy to learn for Java developers. Closures, builders, runtime & compile-time meta-programming, functional programming, type inference, and static compilation. Flexible & malleable syntax, advanced integration & customization mechanisms, to integrate readable business rules in your applications. Great for writing concise and maintainable tests, and for all your build and automation tasks.Starting Price: Free -
16
Axiomatics Orchestrated Authorization
Axiomatics
With our solution, Information Access Management (IAM) teams establish policy guardrails, while enabling developers, DevOps and DevSecOps teams as well as application owners to author, test, deploy, and analyze policies. In return, you are rewarded with an authorization approach that aligns to a Zero Trust strategy, creates policy visibility, accelerates application development, and delivers confidence. Organizations on the journey toward an Orchestrated Authorization approach do so with the goal of implementing an authorization vision that can support every application and resource in their technology environment. -
17
Calico Enterprise
Tigera
A self-managed, active security platform with full-stack observability for containers and Kubernetes. Calico Enterprise is the industry’s only active security platform with full-stack observability for containers and Kubernetes. Calico Enterprise extends the declarative nature of Kubernetes to specify security and observability as code. This ensures consistent enforcement of security policies and compliance, and provides observability for troubleshooting across multi-cluster, multi-cloud and hybrid deployments. Implement zero-trust workload access controls for traffic to and from individual pods to external endpoints on a per-pod basis, to protect your Kubernetes cluster. Author DNS policies that implement fine-grained access controls between a workload and the external services it needs to connect to, like Amazon RDS, ElastiCache, and more. -
18
CyberArk Conjur
CyberArk
A seamless open source interface to securely authenticate, control and audit non-human access across tools, applications, containers and cloud environments via robust secrets management. Secrets grant access to applications, tools, critical infrastructure and other sensitive data. Conjur secures this access by tightly controlling secrets with granular Role-Based Access Control (RBAC). When an application requests access to a resource, Conjur authenticates the application, performs an authorization check against the security policy and then securely distributes the secret. Security policy as code is the foundation of Conjur. Security rules are written in .yml files, checked into source control, and loaded onto the Conjur server. Security policy is treated like any other source control asset, adding transparency and collaboration to the organization’s security requirements. -
19
PlainID
PlainID
PlainID is The Authorization Company. PlainID provides both Business AND Admin teams with a simple and intuitive means to control their organization’s entire authorization process, all based on your own business logic. The platform allows you to implement literally any kind of rules you could imagine, all without coding, and all in fine grained detail. PlainID simplifies Authorization so that thousands of Roles, Attributes and even Environmental Factors can be converted into a few logical SmartAuthorization policies using our Graph Database Decision Engine. In-depth Analytics and Insights: PlainID provides unobstructed visibility with a full audit trail. Compliance, regulation and audit requirements, they’re easy to manage on a simple graph-based UI. Access is determined dynamically and in real time, based on user attributes, environmental attributes (time, location, etc.) as well as event based authorizations. PlainID combines ABAC & RABC to a united policy. -
20
Okera
Okera
Okera, the Universal Data Authorization company, helps modern, data-driven enterprises accelerate innovation, minimize data security risks, and demonstrate regulatory compliance. The Okera Dynamic Access Platform automatically enforces universal fine-grained access control policies. This allows employees, customers, and partners to use data responsibly, while protecting them from inappropriately accessing data that is confidential, personally identifiable, or regulated. Okera’s robust audit capabilities and data usage intelligence deliver the real-time and historical information that data security, compliance, and data delivery teams need to respond quickly to incidents, optimize processes, and analyze the performance of enterprise data initiatives. Okera began development in 2016 and now dynamically authorizes access to hundreds of petabytes of sensitive data for the world’s most demanding F100 companies and regulatory agencies. The company is headquartered in San Francisco. -
21
Styra
Styra
The fastest and easiest way to operationalize Open Policy Agent across Kubernetes, Microservices or Custom APIs, whether you're a developer, an admin, or a bit of both. Need to limit which folks can access your pipeline, based on who is currently on call? Simple. Want to define which microservices can access PCI data? We got you. Have to prove compliance with regulations across your clusters? No sweat. Built on open-source, and declarative by design, Styra Declarative Authorization Service gives you a turnkey OPA control plane to mitigate risk, reduce human error, and accelerate development. A built-in library of policies. Built on our OPA project let you implement and customize authorization policy-as-code. Pre-running lets you monitor and validate policy changes before committing, to mitigate risk before deployment. Declarative model defines desired state to prevent security drift and eliminate errors, before they can occur.Starting Price: $70 per month -
22
Check Point Identity Awareness
Check Point Software Technologies
Check Point Identity Awareness offers granular visibility of users, groups, and machines, providing unmatched application and access control through the creation of accurate, identity-based policies. Centralized management and monitoring allows for policies to be managed from a single, unified console. It is clear that username and passwords no longer prove the identity of a user. Access control to your valuable assets must be strengthened. Check Point Identity Awareness ensures access to your data is granted only to authorized users, and only after their identities have been strictly authenticated; using Single Sign-On, Multi-Factor Authentication, Context-aware policies and anomaly detection. -
23
Ionic Machina
Ionic
Data security is managed in silos, but sensitive data traverses multiple applications, environments, data stores, and devices. This makes it challenging to scale data security and implement consistent access controls. Machina is your agile and dynamic authorization solution that easily handles modern challenges. Manage your shared responsibility to secure data at rest and in transit in the cloud and on-prem. Track how data is handled and accessed; audit how policies are enforced across your organization. Deliver context-aware dynamic authorization for each access request to maintain least privilege. Abstract access logic from app code to orchestrate policy enforcement across multiple environments. Implement and enforce consistent access policies in real-time across applications, repositories, workloads, and services. Monitor and analyze data handling and policy enforcement across your enterprise, and generate audit-ready proof of compliance. -
24
VMware Cloud Director
Broadcom
VMware Cloud Director is a leading cloud service-delivery platform used by some of the world’s most popular cloud providers to operate and manage successful cloud-service businesses. Using VMware Cloud Director, cloud providers deliver secure, efficient, and elastic cloud resources to thousands of enterprises and IT teams across the world. Use VMware in the cloud through one of our Cloud Provider Partners and build with VMware Cloud Director. A policy-driven approach helps ensure enterprises have isolated virtual resources, independent role-based authentication, and fine-grained control. A policy-driven approach to compute, storage, networking and security ensures tenants have securely isolated virtual resources, independent role-based authentication, and fine-grained control of their public cloud services. Stretch data centers across sites and geographies; monitor resources from an intuitive single-pane of glass with multi-site aggregate views. -
25
Aruba ClearPass
Aruba Networks
HPE Aruba Networking ClearPass Policy Manager protects your network with policies based on Zero Trust security principles to support hybrid workplace initiatives, IoT devices, and the connected edge. It simplifies access for authorized users and devices with least‑privilege controls, protecting visitors, partners, customers, and employees across Wi‑Fi, wired, and WAN networks with integrated guest portals, device configuration monitoring, and SASE‑aligned Zero Trust security. Integrated Zero Trust security prepares IT teams to implement reliable, role‑based policies for enterprise‑wide Zero Trust enforcement. Its broad partner ecosystem enables seamless integration with existing security technologies, while dynamic, identity‑based traffic segmentation ensures consistent protection across all network environments. HPE Aruba Networking ClearPass Policy Manager helps security teams authenticate, authorize, and enforce secure network access with role‑based and Zero Trust policies. -
26
Enable zero-trust access for all apps, legacy and modern, with highly scalable identity- and context-based access controls. Deploy zero-trust model validation based on granular context, securing every app access request. Secure access to apps with a fine-grained approach to user authentication and authorization that enables only per-request context- and identity-aware access. Integrating with existing SSO and identity federation solutions, users can access all their business apps via a single login, regardless of whether the app is SAML enabled or not. Enable social login to simplify access authorization from trusted third-party identity providers like Google, LinkedIn, Okta, Azure AD, and others. Leverage third-party UEBA and risk engines via REST APIs to inform policy-based access controls using the API connector for more layered security. BIG-IP APM is available in all business models including perpetual licenses, subscription, public cloud marketplace, and ELAs.
-
27
AppScaler
XPoint Network
What does AppScaler CMS do? Managing, monitoring and reporting on growing distributed networks is increasingly complex and costly, AppScaler CMS allows you to manage one or more AppScaler devices from a single management server. AppScaler CMS provides organizations, distributed enterprises and service providers with a powerful and intuitive solution to centrally manage and rapidly deploy AppScaler devices and provides centralized, real-time monitoring and comprehensive application performance reporting. Central AppScaler Policy Management AppScaler CMS ensures governance and compliance with centrally managed configuration: Import the configuration from AppScaler device in one click. Comprehensive policy management on load balancing of each AppScaler device. Configuration backup and restore. AppScaler Firmware Upgrade Role-based access control. AppScaler CMS provides fine-grained, role-based access control with which you can grant access permissions. -
28
Identity Confluence
Tech Prescient
Identity Confluence is an intelligent Identity Governance and Administration (IGA) platform designed to help IT and security teams manage access, automate identity lifecycles, and maintain continuous compliance across cloud and hybrid environments. Built for modern enterprises, Identity Confluence unifies identity lifecycle management, access control, and governance into a single, scalable platform. Automate Joiner-Mover-Leaver (JML) processes, enforce policy-based access controls (RBAC, ABAC, PBAC), and conduct real-time user access reviews—all from one intuitive interface. Key Features: Lifecycle Automation: Trigger real-time provisioning and deprovisioning across HR, IT, and business systems. Access Controls: Implement dynamic, fine-grained access policies using roles, attributes, and policies. App & Directory Integrations: Out-of-the-box connectors for AD, Azure AD, Okta, Workday, SAP, and more. Access Reviews: Automate certifications, enforce Segregation of Duties -
29
SGNL
SGNL
As the enterprise and workforce evolve, access must be intelligent and dynamic. SGNL ensures that your most valuable resources are being accessed by the right people, at the right time, in the right context. Enterprise use cases require a fine-grained approach. By building a deep understanding of your business, SGNL is able to drive smart, realtime access decisions. Scalable access policies should be understandable by all stakeholders. SGNL enables this through an intuitive, human-readable policy builder. SGNL connects to, and complements, your existing identity and business systems—with a broad array of simple, easy-to-implement integrations. -
30
Turnkey
Turnkey
We help you build better crypto products. Create thousands of embedded wallets, get rid of manual transaction flows, and automate on-chain actions, all without compromising on security. Create thousands of non-custodial wallets across blockchains with a simple API call. Build even the most complex crypto products by signing the transactions you need. Protect your assets with fine-grained policies and approval workflows. We’re developer-first at our core and obsess over giving you the easiest APIs and SDKs. We’ve done away with passwords to ensure the highest level of security. Your account is virtually unfishable with our hardware-based WebAuthn authentication. Our policy engine provides fine-grained controls for how users can access private keys. All actions on your account are checked against your custom policies and approval workflows while leaving an audit trail. Leveraging secure, isolated environments and verifiable data stores, we ensure you have control over your assets.Starting Price: $0.10 per signature -
31
Raivana
Raivana
Write access control policy. Easily. Discover the faster, easier way to write access control policy. Our team consists of experts who have worked in many industries. Raivana allows you to write access control policy in plain old English. This means everyone in your organization can write policy from day one. This saves you time, resources, and money. You can upload documents created in popular applications like Microsoft Word, TextEdit, and Notepad documents. We support DOC, DOCX, TXT, and RTF file formats. We translate the documents automatically to eXtensible Access Control Markup Language (XACML). Don't worry about managing infrastructure. We take care of all that for you. With 99.999% uptime, you are almost guaranteed to be able to author policy 24/7. -
32
AWS Network Firewall
Amazon
With AWS Network Firewall, you can create firewall rules that provide fine-grained control over network traffic and easily deploy firewall security across your VPCs. Automatically scale your network firewall to protect your managed infrastructure. Protect your unique workloads with a flexible engine that can define thousands of custom rules. Centrally manage security policies across existing accounts and VPCs and automatically enforce mandatory policies on new accounts. With AWS Network Firewall, you can define firewall rules that provide fine-grained control over network traffic. Network Firewall works together with AWS Firewall Manager so you can build policies based on Network Firewall rules and then centrally apply those policies across your virtual private clouds (VPCs) and accounts. Inspect traffic flows using features such as inbound encrypted traffic inspection, stateful inspection, protocol detection, and more. -
33
Dylan
Dylan
It is dynamic while providing a programming model designed to support efficient machine code generation, including fine-grained control over dynamic and static behaviors. Describes the Open Dylan implementation of the Dylan language, a core set of Dylan libraries, and a library interchange mechanism. The core libraries provide many language extensions, a threads interface, and object finalization, printing and output formatting modules, a streams module, a sockets module, and modules providing an interface to operating system features such as the file system, time and date information, the host machine environment, as well as a foreign function interface and some low-level access to the Microsoft Win32 API.Starting Price: Free -
34
Simple Mining
Simple Mining
SimpleMining.io is a vertically integrated Bitcoin mining company based in Cedar Falls, Iowa, offering sales, hosting, and repair services for ASIC miners. Our turnkey hosting solutions allow clients to start hashing the same day as payment, with no minimum miner quantity required. Clients benefit from precision billing, paying only for their hashing uptime, and enjoy an average uptime of 98.2%. All hosted miners receive free repairs for the first 12 months, covering components like fans, control boards, PSUs, and hashboards. The company operates multiple hosting facilities across Iowa, leveraging the state's low-cost power, cool temperatures, and renewable energy sources, 60% wind and solar, to ensure efficient and sustainable mining operations. Our client dashboard provides real-time monitoring of hashrate and mining operations, and they offer partnerships with mining pools like Luxor, NiceHash, and Ocean for discounted fees.Starting Price: Free -
35
NdSecure
Ndende Technologies
NdSecure is a Single Sign-On (SSO) and Identity and Access Management (IAM) solution. Ndsecure offers a user-friendly, flexible, and customizable identity and access management solution capable of operating within a diverse industry-centric architecture. The role played by NdSecure is to provide a robust and secure logical access control environment, incorporating strong authentication methods. The objective is to prevent unauthorized access to the corporate management system, thereby reducing frauds arising from insider threats. NdSecure’s API management platform provides more advanced ways for the workforce to control access to various applications. By leveraging existing request content and identity stores, NdSecure can provide: • Policy-based authentication • Coarse and fine-grained authorization • Single sign-on (using SAML, OpenId Connect, social log-in or OAuth-based federation) • Support for Common Criteria • Uses FIDO 2.0 and W3C WebAuthnStarting Price: $8/month/user -
36
CedarFX
CEDAR
At CedarFX, we believe in the importance of sharing knowledge to help traders succeed. Our collaborative spirit helps us provide our clients with all the tools they need to help them grow. We are an independent Broker with a vision. Our aim is to combine the finest market conditions available with unbeatable pricing and technology, creating the ultimate trading environment for clients to grow their accounts. Our platform provides fertile ground for traders to practice and improve their skills. With zero commissions and no transaction fees, we’re a no-frills broker enabling you to make the most out of your funds. We empower traders by simplifying the withdrawal process. We’ve eliminated excess waiting periods and unnecessary steps, and our team processes all withdrawal requests within 24 hours. -
37
EncryptRIGHT
Prime Factors
EncryptRIGHT simplifies application-level data protection, delivering robust encryption, tokenization, dynamic data masking, and key management functionality, along with role-based data access controls and a data-centric security architecture, to secure sensitive data and enforce data privacy. EncryptRIGHT is architected to deploy quickly with very little integration effort and scale from a single application to thousands of applications and servers on premises or in the cloud. Our unique Data-Centric Security Architecture allows information security teams to comprehensively define an EncryptRIGHT Data Protection Policy (DPP) and to bind the policy to data itself, protecting it regardless of where the data is used, moved or stored. Programmers do not need to have cryptography expertise to protect data at the application layer – they simply configure authorized applications to call EncryptRIGHT and ask for data to be appropriately secured or unsecured in accordance with its policy.Starting Price: $0 -
38
Cedar Gate
Cedar Gate Technologies
Accelerate your transition to value-based care with intelligent solutions that improve performance, efficiency, and quality. Value-based care is an opportunity, but it can sometimes feel like an obstacle in day-to-day healthcare operations. With the right solutions at your fingertips, you can predict, model and forecast actionable insights to reach your goals. You no longer need multiple vendors to deliver better care and improve your bottom line. We have the keys to revolutionizing your healthcare organization from start to finish. High-performance healthcare is only possible with a robust engine. Cedar Gate offers state-of-the-art technology built on algorithms of expertise that are unmatched. We wake up each day to put you on the fast track to success. You will never have to shift your focus from the finish line because we have everything you need for your value-based journey. -
39
Symatec Secure Access Cloud
Broadcom
Symantec Secure Access Cloud is a SaaS solution that enables more secure and granular access management to any corporate resource hosted on-premises or in the cloud. It uses Zero Trust Access principles in delivering point-to-point connectivity without agents or appliances, eliminating network level threats. Secure Access Cloud provides point-to-point connectivity at the application level, cloaking all resources from the end-user devices and the internet. The network-level attack surface is entirely removed, leaving no room for lateral movement and network-based threats. Its simple-to-set, fine-grained and easy-to-manage access and activity policies prevent unauthorized access to the corporate resources by implementing continuous, contextual (user, device and resource-based context) authorization to enterprise applications allowing secured employee, partners and BYOD access. -
40
BastionZero
BastionZero
Infrastructure teams must manage painful VPNs, homegrown bastion hosts, overprivileged certificate authorities, and long-lived credentials that present huge security risks. Infrastructure teams can easily configure, manage and secure fine-grained access controls to infrastructure targets in any cloud or on-prem environments. A single system for access all of your targets (servers, containers, clusters, databases, webservers) so you don’t have to manage an ever-growing set of systems. Provide zero-trust access to your targets by putting them behind your SSO and adding an independent MFA. Stop managing passwords. Use policy to control which users can log into which target under which role or user account. Capture the specific commands that a user ran on a target under a role or account via BastionZero’s access logs, command logs and session recordings.Starting Price: $300 per month -
41
DoControl
DoControl
DoControl enables fine-grained policies to control how employees, external users, and admins access, share and manipulate data stored in SaaS apps. The complexity of SaaS apps, users, and admins results in a ton of user interactions and a dynamic attack surface that are hard to follow. DoControl provides on-going visibility to data exposures across multiple SaaS apps. Different SaaS apps offer different security features, making it nearly impossible to enforce security policies consistently across the board. DoControl’s Data Access Controls redefine how threat prevention is done at scale. Protecting against unknown or unusual activity requires security teams to ingest logs from multiple apps, organize the metadata, detect anomalies, and take actions. DoControl automates all of it right out of the box. -
42
SecuPi
SecuPi
SecuPi provides an overarching data-centric security platform, delivering fine-grained access control (ABAC), Database Activity Monitoring (DAM) and de-identification using FPE encryption, physical and dynamic masking and deletion (RTBF). SecuPi offers wide coverage across packaged and home-grown applications, direct access tools, big data, and cloud environments. One data security platform for monitoring, controlling, encrypting, and classifying data across all cloud & on-prem platforms seamlessly with no code changes. Agile and efficient configurable platform to meet current & future regulatory and audit requirements. No source-code changes with fast & cost-efficient implementation. SecuPi’s fine-grain data access controls protect sensitive data so users get access only to data they are entitled to view, and no more. Seamlessly integrate with Starburst/Trino for automated enforcement of data access policies and data protection operations. -
43
Tesseral
Tesseral
Tesseral is the open source platform for managing identity and access in business software. It provides enterprise-grade capabilities, including SAML single sign-on, SCIM provisioning, role-based access control, managed API keys, and audit logs, implemented in just a few lines of code. Tesseral unifies access management for employees, customers, services, and AI agents, giving organizations the flexibility to adapt to any deployment model and the authority to enforce security policies with precision. You can learn more by reading our docs or by checking out our GitHub.Starting Price: $0 -
44
Azure Blueprints
Microsoft
Simplify largescale Azure deployments by packaging key environment artifacts, such as Azure Resource Manager templates, role-based access controls, and policies, in a single blueprint definition. Easily apply the blueprint to new subscriptions and environments, and fine-tune control and management through versioning. Easily create your cloud governance templates, access controls, and policies as a single compliant package so environments are ready to be configured. Deploy blueprints to multiple subscriptions with a single click. Manage blueprints from a central location and track blueprint versions to push updates. Speed deployment of compliant applications to production through a self-service model, and easily deploy compliant environments matched to production standards. Use blank templates for custom blueprints or built-in blueprints for compliance with common internal scenarios and external regulations like ISO 27001. -
45
Specops Password Auditor
Specops Software
Authentication and password security is more important than ever. Our password audit tool scans your Active Directory and identifies password-related vulnerabilities. The collected information generates multiple interactive reports containing user and password policy information. Specops Password Auditor is a read-only program, and available for free download. Analyze your domain password policies, and fine-grained password policies, to see if they enable users to create secure passwords. Generate reports to identify accounts with password vulnerabilities, including expired passwords, identical passwords, blank passwords, and more. In addition to these insights, Specops Password Auditor allows you to measure the effectiveness of your policies against a brute-force attack. For a complete list of the password reports, see the product overview.Starting Price: Free -
46
Keycard
Keycard
Keycard is an identity-and-access infrastructure platform built for the agent-native era, enabling developers and enterprises to securely connect AI agents, users, services, and APIs with real-time, policy-driven identity controls. It issues dynamic, ephemeral access tokens in place of static secrets and supports federated identity models to unify users, agents, and workloads under a distributed authorization framework. The platform provides drop-in SDKs for popular frameworks so developers can build agent-aware applications without becoming IAM experts. Keycard’s data model includes identity-attested agents, tasks, tools, and resources, allowing logical zones with context-aware permissions and auditability. On the policy side, security teams can define deterministic, task-based rules that enforce who (user/agent) can do what (task) on which resource under which conditions, all with full transparency. -
47
OpenText ZENworks Endpoint Security Management provides fine-grained, policybased control over all your Windows desktop and mobile PCs—including the ability to automatically change security configurations depending on a user’s role and location. By creating and managing policies from a central console, ZENworks makes it possible to implement and enforce tightly controlled, highly adaptive security policies without placing any configuration or enforcement burden on end users. ZENworks Endpoint Security Management also features robust client selfdefense capabilities that provide assurance that security policies are not circumvented; in addition, it has a complete suite of monitoring, alert, reporting, and auditing tools. Bring comprehensive, centralized security to your most vulnerable IT assets—the mobile PCs at the edges of your organization.
-
48
With Amazon SageMaker Model Monitor, you can select the data you would like to monitor and analyze without the need to write any code. SageMaker Model Monitor lets you select data from a menu of options such as prediction output, and captures metadata such as timestamp, model name, and endpoint so you can analyze model predictions based on the metadata. You can specify the sampling rate of data capture as a percentage of overall traffic in the case of high volume real-time predictions, and the data is stored in your own Amazon S3 bucket. You can also encrypt this data, configure fine-grained security, define data retention policies, and implement access control mechanisms for secure access. Amazon SageMaker Model Monitor offers built-in analysis in the form of statistical rules, to detect drifts in data and model quality. You can also write custom rules and specify thresholds for each rule.
-
49
Amazon Bedrock Guardrails
Amazon
Amazon Bedrock Guardrails is a configurable safeguard system designed to enhance the safety and compliance of generative AI applications built on Amazon Bedrock. It enables developers to implement customized safety, privacy, and truthfulness controls across various foundation models, including those hosted within Amazon Bedrock, fine-tuned models, and self-hosted models. Guardrails provide a consistent approach to enforcing responsible AI policies by evaluating both user inputs and model responses based on defined policies. These policies include content filters for harmful text and image content, denial of specific topics, word filters for undesirable terms, sensitive information filters to redact personally identifiable information, and contextual grounding checks to detect and filter hallucinations in model responses. -
50
OpenPMF
ObjectSecurity
OpenPMF captures policies in generic terms rather than specific technical rules, reducing the need for frequent updates. For example, in dynamic IoT/IIoT environments, it automatically generates security enforcement rules by analyzing these generic policies alongside changes in applications and their interactions. This method ensures policies remain manageable in large, evolving IT/OT landscapes, leading to significant maintenance cost savings. OpenPMF’s patented technology makes policy management both efficient and adaptable. In its most basic form, OpenPMF’s policy automation steps involve importing, authoring, and generating: OpenPMF is customizable for your particular business and IT landscape. While it comes with its own (optional) policy enforcement features, we currently offer pre-developed 3rd integrations and support for a wide range of technologies right out of the box, and other technologies supported upon request.
