Alternatives to Cloudentity
Compare Cloudentity alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Cloudentity in 2026. Compare features, ratings, user reviews, pricing, and more from Cloudentity competitors and alternatives in order to make an informed decision for your business.
-
1
Frontegg
Frontegg
Frontegg is a Customer Identity and Access Management (CIAM) platform that simplifies authentication, authorization, and user management for SaaS companies. It enables developers to implement advanced identity features quickly, then shift ongoing administration to other teams. With Frontegg, Product, Infosec, and Customer Success teams can take control of key identity tasks like managing user roles, enforcing security policies, and handling customer requests, all without engineering support. Developers reduce toil and regain focus on core product work, while stakeholders move faster without bottlenecks. Frontegg supports modern identity features including SSO, MFA, role-based access control, entitlements, multi-tenancy, and audit logs. Its low-code platform integrates in days and provides a user-friendly admin portal that bridges technical and non-technical teams. Frontegg increases operational efficiency, improves security posture, and enhances the customer experience. -
2
Auth0
Okta
Auth0 takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity Company™. Auth0 lets you quickly integrate authentication and authorization for web, mobile, and legacy applications, with new Fine Grained Authorization (FGA) that goes beyond role-based access control. Authenticate users across all applications with a customized, secure, and standards-based single login. Universal Login connects users to a central authorization server. Credentials aren’t transferred across sources, which boosts security and protects against phishing and credential stuffing attacks. OAuth 2.0 recommends that only external user agents (like the browser) be used by native applications for authentication flows. Auth0’s Universal Login achieves this while enabling SSO. -
3
SolarWinds Access Rights Manager
SolarWinds
SolarWinds® Access Rights Manager is designed to assist IT & security administrators in quickly & easily provisioning, deprovisioning, managing, & auditing user access rights to systems, data, & files, so they can help protect their organizations from the potential risks of data loss and breaches. By analyzing user authorizations & access permissions, you get visualization of who has access to what, and when they accessed it. Customized reports can be generated to help demonstrate compliance with many regulatory requirements. Provision & deprovision users via role-specific templates to help assure conformity of access privilege delegation, in alignment with security policies. -
4
Tufin
Tufin
Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment. Customers gain visibility and control across their network, ensure continuous compliance with security standards and embed security enforcement into workflows and development pipelines. Eliminate the security bottleneck and increase the business agility of your organization. Existing manual approaches to managing network changes can take weeks and introduce errors resulting in potential security risks. Organizations across the world rely on Tufin’s policy-based automation to automate visibility and provisioning and maximize business agility and security. Maintaining and demonstrating compliance with industry regulations and internal policies is difficult within today’s complex and fragmented networks. Tufin enables enterprises to ensure continuous compliance and maintain audit readiness. -
5
Microsoft Entra ID
Microsoft
Microsoft Entra ID (formerly known as Azure Active Directory) is a comprehensive identity and access management cloud solution that combines core directory services, application access management, and advanced identity protection. Safeguard your organization with a cloud identity and access management solution that connects employees, customers, and partners to their apps, devices, and data. Protect access to resources and data using strong authentication and risk-based adaptive access policies without compromising user experience. Provide a fast, easy sign-in experience across your multicloud environment to keep your users productive, reduce time managing passwords, and increase productivity. Manage all your identities and access to all your applications in a central location, whether they’re in the cloud or on-premises, to improve visibility and control. -
6
Styra
Styra
The fastest and easiest way to operationalize Open Policy Agent across Kubernetes, Microservices or Custom APIs, whether you're a developer, an admin, or a bit of both. Need to limit which folks can access your pipeline, based on who is currently on call? Simple. Want to define which microservices can access PCI data? We got you. Have to prove compliance with regulations across your clusters? No sweat. Built on open-source, and declarative by design, Styra Declarative Authorization Service gives you a turnkey OPA control plane to mitigate risk, reduce human error, and accelerate development. A built-in library of policies. Built on our OPA project let you implement and customize authorization policy-as-code. Pre-running lets you monitor and validate policy changes before committing, to mitigate risk before deployment. Declarative model defines desired state to prevent security drift and eliminate errors, before they can occur.Starting Price: $70 per month -
7
Permify
Permify
Permify is an authorization service designed to help developers build and manage fine-grained, scalable access control systems within their applications. Inspired by Google's Zanzibar, Permify enables the structuring of authorization models, storage of authorization data in preferred databases, and interaction with its API to handle authorization queries across various applications and services. It supports multiple access control models, including Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC), allowing for the creation of granular permissions and policies. Permify centralized authorization logic, abstracting it from the codebase to facilitate easier reasoning, testing, and debugging. It offers flexible policy storage options and provides a role manager to handle RBAC role hierarchies. The platform also supports filtered policy management for efficient enforcement in large, multi-tenant environments.Starting Price: Free -
8
Axiomatics Orchestrated Authorization
Axiomatics
With our solution, Information Access Management (IAM) teams establish policy guardrails, while enabling developers, DevOps and DevSecOps teams as well as application owners to author, test, deploy, and analyze policies. In return, you are rewarded with an authorization approach that aligns to a Zero Trust strategy, creates policy visibility, accelerates application development, and delivers confidence. Organizations on the journey toward an Orchestrated Authorization approach do so with the goal of implementing an authorization vision that can support every application and resource in their technology environment. -
9
Calico Enterprise
Tigera
A self-managed, active security platform with full-stack observability for containers and Kubernetes. Calico Enterprise is the industry’s only active security platform with full-stack observability for containers and Kubernetes. Calico Enterprise extends the declarative nature of Kubernetes to specify security and observability as code. This ensures consistent enforcement of security policies and compliance, and provides observability for troubleshooting across multi-cluster, multi-cloud and hybrid deployments. Implement zero-trust workload access controls for traffic to and from individual pods to external endpoints on a per-pod basis, to protect your Kubernetes cluster. Author DNS policies that implement fine-grained access controls between a workload and the external services it needs to connect to, like Amazon RDS, ElastiCache, and more. -
10
Amazon Verified Permissions
Amazon
Amazon Verified Permissions is a fully managed authorization service that uses the provably correct Cedar policy language, so you can build more secure applications. With Verified Permissions, developers can build applications faster by externalizing authorization and centralizing policy management. They can also align authorization within the application with Zero Trust principles. Security and audit teams can better analyze and audit who has access to what within applications. Accelerate application development by decoupling authorization from business logic. Protect application resources and manage user access to the principle of least privilege. Amazon Verified Permissions is a fully managed, Cedar-compatible permissions management and fine-grained authorization service for the applications that you build. Using Cedar, an expressive, performant, and analyzable open source policy language, developers and admins can define policy-based access controls.Starting Price: $0.00015 per request -
11
Cedar
Amazon
Cedar is an open source policy language and evaluation engine developed by AWS to facilitate fine-grained access control in applications. It enables developers to define clear and concise authorization policies, decoupling access control from application logic. Cedar supports common authorization models, including role-based access control and attribute-based access control, allowing for expressive and analyzable policy definitions. Its design emphasizes readability and performance, ensuring that policies are both easy to understand and efficient to enforce. By integrating Cedar, applications can make precise authorization decisions, enhancing security and maintainability. The policy structure is designed to be indexed for quick retrieval and to support fast and scalable real-time evaluation, with bounded latency. It enables analyzer tools capable of optimizing your policies and proving that your security model is what you believe it is.Starting Price: Free -
12
Aserto
Aserto
Aserto helps developers build secure applications. It makes it easy to add fine-grained, policy-based, real-time access control to your applications and APIs. Aserto handles all the heavy lifting required to achieve secure, scalable, high-performance access management. It offers blazing-fast authorization of a local library coupled with a centralized control plane for managing policies, user attributes, relationship data, and decision logs. And it comes with everything you need to implement RBAC or fine-grained authorization models, such as ABAC, and ReBAC. Take a look at our open-source projects: - Topaz.sh: a standalone authorizer you can deploy in your environment to add fine-grained access control to your applications. Topaz lets you combine OPA policies with Zanzibar’s data model for complete flexibility. - OpenPolicyContainers.com (OPCR) secures OPA policies across the lifecycle by adding the ability to tag, verStarting Price: $0 -
13
PingDataGovernance
Ping Identity
Digital transactions and data are exploding, but authorization logic is scattered across your enterprise. Updating, auditing and managing that logic can be tedious or even impossible. PingDataGovernance provides centralized authorization policies that can evaluate identity attributes, entitlements, consents, the requesting app or other contextual information to authorize critical actions and the retrieval of high-value data. You’ll have the agility to react instantly without sacrificing security or regulatory compliance. Anyone can update policies in minutes with a simple drag-and-drop UI. And you can choose which teams it’s most appropriate to give access to so they can manage policies—or any portion of them. Unlike traditional role-based access control (RBAC), dynamic authorization assembles key contextual data attributes and evaluates the validity of access requests in real time. This lets you centrally enforce policies to comply with regulatory requirements. -
14
Ionic Machina
Ionic
Data security is managed in silos, but sensitive data traverses multiple applications, environments, data stores, and devices. This makes it challenging to scale data security and implement consistent access controls. Machina is your agile and dynamic authorization solution that easily handles modern challenges. Manage your shared responsibility to secure data at rest and in transit in the cloud and on-prem. Track how data is handled and accessed; audit how policies are enforced across your organization. Deliver context-aware dynamic authorization for each access request to maintain least privilege. Abstract access logic from app code to orchestrate policy enforcement across multiple environments. Implement and enforce consistent access policies in real-time across applications, repositories, workloads, and services. Monitor and analyze data handling and policy enforcement across your enterprise, and generate audit-ready proof of compliance. -
15
Okera
Okera
Okera, the Universal Data Authorization company, helps modern, data-driven enterprises accelerate innovation, minimize data security risks, and demonstrate regulatory compliance. The Okera Dynamic Access Platform automatically enforces universal fine-grained access control policies. This allows employees, customers, and partners to use data responsibly, while protecting them from inappropriately accessing data that is confidential, personally identifiable, or regulated. Okera’s robust audit capabilities and data usage intelligence deliver the real-time and historical information that data security, compliance, and data delivery teams need to respond quickly to incidents, optimize processes, and analyze the performance of enterprise data initiatives. Okera began development in 2016 and now dynamically authorizes access to hundreds of petabytes of sensitive data for the world’s most demanding F100 companies and regulatory agencies. The company is headquartered in San Francisco. -
16
Manages users, groups and roles. Authentication, delegation, authorization and auditing. Role-based access control, entitlements and time-based access rules. Manages access control policies for Web, Java and CORBA® resources. Manages access control policies for fine-grain application data and/or features. Central administration with flexible deployment options. Features specifically designed to aid in meeting privacy legislation. Supports integration with existing security infrastructure. Provides foundation for orb2 for Java Security Services.
-
17
SlashID
SlashID
Identity is the most common vector for lateral movement and data breaches. SlashID helps you build a secure, compliant, and scalable identity infrastructure. Manage the creation, rotation and deletion of identities and secrets in a single place. Complete inventory of all your identities and secrets, multi-cloud. Detect initial access, privilege escalation, and lateral movement across your IdPs and cloud environments. Add authentication, authorization, conditional access, and tokenization to your services. Detect leaked key materials in real-time and prevent data breaches by rotating them. Automatically block, suspend, rotate or enforce MFA on a detection to reduce the impact of an attack. Add MFA and conditional access to your applications. Add authentication, authorization, credential tokenization, and conditional access to your APIs and workloads. -
18
Tesseral
Tesseral
Tesseral is the open source platform for managing identity and access in business software. It provides enterprise-grade capabilities, including SAML single sign-on, SCIM provisioning, role-based access control, managed API keys, and audit logs, implemented in just a few lines of code. Tesseral unifies access management for employees, customers, services, and AI agents, giving organizations the flexibility to adapt to any deployment model and the authority to enforce security policies with precision. You can learn more by reading our docs or by checking out our GitHub.Starting Price: $0 -
19
Fine-grained access control and visibility for centrally managing cloud resources. Identity and Access Management (IAM) lets administrators authorize who can take action on specific resources, giving you full control and visibility to manage Google Cloud resources centrally. For enterprises with complex organizational structures, hundreds of workgroups, and many projects, IAM provides a unified view into security policy across your entire organization, with built-in auditing to ease compliance processes. We recognize that an organization’s internal structure and policies can get complex fast. Projects, workgroups, and managing who has authorization to do what all change dynamically. IAM is designed with simplicity in mind: a clean, universal interface lets you manage access control across all Google Cloud resources consistently. So you learn it once, then apply everywhere.
-
20
OneLogin
OneLogin
Secure critical company information and empower employees with OneLogin, a trusted identity and access management (IAM) solution for the modern enterprise. Designed to strengthen enterprise security while simplifying business logins, OneLogin is an excellent solution for companies looking to enforce security policies with ease. OneLogin includes top-rated features such as single sign-on (SS), unified directory, user provisioning, adaptive authentication, mobile identitiy, compliance reporting, and more. -
21
PlainID
PlainID
PlainID is The Authorization Company. PlainID provides both Business AND Admin teams with a simple and intuitive means to control their organization’s entire authorization process, all based on your own business logic. The platform allows you to implement literally any kind of rules you could imagine, all without coding, and all in fine grained detail. PlainID simplifies Authorization so that thousands of Roles, Attributes and even Environmental Factors can be converted into a few logical SmartAuthorization policies using our Graph Database Decision Engine. In-depth Analytics and Insights: PlainID provides unobstructed visibility with a full audit trail. Compliance, regulation and audit requirements, they’re easy to manage on a simple graph-based UI. Access is determined dynamically and in real time, based on user attributes, environmental attributes (time, location, etc.) as well as event based authorizations. PlainID combines ABAC & RABC to a united policy. -
22
Apono
Apono
Use the Apono cloud-native access governance platform to work faster and more securely with self-service, secure, scalable access built for modern enterprises running in the cloud. Discover who has access to what with context. Identify access risk leveraging enriched identity and cloud resource context from the environment. Enforce access guardrails at scale. Apono automatically suggests dynamic policies that fit your business needs, streamlining the cloud access lifecycle and gaining control of cloud-privileged access. Improve your environment access controls with Apono’s AI, which detects high-risk unused, over provisioned and shadow access. Remove standing access and prevent lateral movement in your cloud environment. Organizations can enforce strict authentication, authorization, and audit controls for these high-level accounts, reducing the risk of insider threats, data breaches, and unauthorized access. -
23
SecurePass
eMudhra
SecurePass IAM provides robust security measures like credential vaulting, session monitoring, and least privilege enforcement. This reduces the risk of unauthorized access, ensuring your organization's data remains secure By automating processes like user provisioning, access certifications, and password management, SecurePass IAM simplifies access management. This leads to increased operational efficiency and productivity within your organization With its built-in analytics, reporting capabilities, and access governance features, SecurePass IAM aids in maintaining compliance with various regulatory standards. It supports audit trails, making the auditing process smoother and more efficient -
24
NextLabs
NextLabs
NextLabs CloudAz is a zero trust policy platform that enforces security policies consistently across the enterprise and beyond. It’s powered by a patented dynamic authorization policy engine and is the backbone of NextLabs’ Data Centric Security Suite consisting of Entitlement Management, Data Access Security, and Digital Rights Management (DRM) products. CloudAz integrates automated data classification, attribute-based access control (ABAC), data masking & segregation, digital rights (DRM) protection, and audit capabilities into one powerful platform that enables you to better align policies with rapidly changing business requirements while keeping up with the increasing cybersecurity challenge. The platform can be delivered either on-premises or in the cloud. -
25
Acceptto Zero Trust Identity (CIAM)
Acceptto
You need to know that your customers are who they say they are, customers don’t want to jump through hoops to prove it and they want you to keep their credentials safe. Protect your customers identities through a delicate balance of security and a frictionless, pleasant customer experience. Real-time, continuous identity monitoring & validation Post-Authorization. Eliminate account takeover (ATO) instantly with intelligent MFA. Risk-based policy orchestrated continuous authentication. Acceptto is a transformative cybersecurity company driving a paradigm shift in identity access management by treating authentication not as a single event, but rather a continuum. Our AI/ML powered Passwordless Continuous AuthenticationTM technology analyzes and verifies user identity, inferring behavioral data to detect anomalies and eliminate dependence on vulnerable binary authentications. We deliver the smartest, most resilient and breach-proof identity validation technology. -
26
Authress
Rhosys
Authress, Complete Auth API for B2B. Authentication & Authorization gets complicated quickly, even if it appears easy, there is a lot of hidden complexity in authorization, you don’t want to do it on your own. It takes time to get authorization right In simple cases, it takes an average software team 840 hours to implement authorization logic. As you add features to your application, this number grows rapidly. Without expertise, you leave your door wide open to malicious attacks. You risk compromising your user data, non-compliance with local regulations, and massive business losses. * Secure authorization API--Instead of building your own authorization logic, call our API * Granular permissions--Define multiple levels of access and group them by user roles. As granular as you want * Identity Provider integrations--Plug in any of your preferred ID providers with a simple API call. * SSO and full user managementStarting Price: $1.10 per month -
27
Identity Confluence
Tech Prescient
Identity Confluence is an intelligent Identity Governance and Administration (IGA) platform designed to help IT and security teams manage access, automate identity lifecycles, and maintain continuous compliance across cloud and hybrid environments. Built for modern enterprises, Identity Confluence unifies identity lifecycle management, access control, and governance into a single, scalable platform. Automate Joiner-Mover-Leaver (JML) processes, enforce policy-based access controls (RBAC, ABAC, PBAC), and conduct real-time user access reviews—all from one intuitive interface. Key Features: Lifecycle Automation: Trigger real-time provisioning and deprovisioning across HR, IT, and business systems. Access Controls: Implement dynamic, fine-grained access policies using roles, attributes, and policies. App & Directory Integrations: Out-of-the-box connectors for AD, Azure AD, Okta, Workday, SAP, and more. Access Reviews: Automate certifications, enforce Segregation of Duties -
28
Multifactor
Multifactor
Multifactor is a next-generation account-sharing and access-management platform built around zero-trust, post-quantum cryptography, and fine-grained permissioning. Rather than simply sharing credentials, users store their online accounts (passwords, passkeys, 2FA codes) in a secure vault and grant access to humans or AI agents by sending controlled links. Access can be revoked instantly, and the underlying credentials remain hidden. You can define precise permissions (for example, “read transactions” but not “initiate transfers”), capture detailed non-repudiable audit trails of every action, and enjoy built-in encryption and post-quantum security architecture that ensures only authorized parties ever gain access. The platform can also operate as a full identity-and-access-management suite, supporting authentication (biometrics, hardware tokens), authorization, access auditing, device and network endpoint enforcement, and secure account/resource sharing.Starting Price: Free -
29
Apache Knox
Apache Software Foundation
The Knox API Gateway is designed as a reverse proxy with consideration for pluggability in the areas of policy enforcement, through providers and the backend services for which it proxies requests. Policy enforcement ranges from authentication/federation, authorization, audit, dispatch, hostmapping and content rewrite rules. Policy is enforced through a chain of providers that are defined within the topology deployment descriptor for each Apache Hadoop cluster gated by Knox. The cluster definition is also defined within the topology deployment descriptor and provides the Knox Gateway with the layout of the cluster for purposes of routing and translation between user facing URLs and cluster internals. Each Apache Hadoop cluster that is protected by Knox has its set of REST APIs represented by a single cluster specific application context path. This allows the Knox Gateway to both protect multiple clusters and present the REST API consumer with a single endpoint. -
30
OpenText ZENworks Endpoint Security Management provides fine-grained, policybased control over all your Windows desktop and mobile PCs—including the ability to automatically change security configurations depending on a user’s role and location. By creating and managing policies from a central console, ZENworks makes it possible to implement and enforce tightly controlled, highly adaptive security policies without placing any configuration or enforcement burden on end users. ZENworks Endpoint Security Management also features robust client selfdefense capabilities that provide assurance that security policies are not circumvented; in addition, it has a complete suite of monitoring, alert, reporting, and auditing tools. Bring comprehensive, centralized security to your most vulnerable IT assets—the mobile PCs at the edges of your organization.
-
31
Aruba ClearPass
Aruba Networks
HPE Aruba Networking ClearPass Policy Manager protects your network with policies based on Zero Trust security principles to support hybrid workplace initiatives, IoT devices, and the connected edge. It simplifies access for authorized users and devices with least‑privilege controls, protecting visitors, partners, customers, and employees across Wi‑Fi, wired, and WAN networks with integrated guest portals, device configuration monitoring, and SASE‑aligned Zero Trust security. Integrated Zero Trust security prepares IT teams to implement reliable, role‑based policies for enterprise‑wide Zero Trust enforcement. Its broad partner ecosystem enables seamless integration with existing security technologies, while dynamic, identity‑based traffic segmentation ensures consistent protection across all network environments. HPE Aruba Networking ClearPass Policy Manager helps security teams authenticate, authorize, and enforce secure network access with role‑based and Zero Trust policies. -
32
TrustBuilder
TrustBuilder
TrustBuilder is your reliable partner in cybersecurity. We go beyond the traditional software firm role, focusing on delivering robust and secure solutions that foster trust among enterprises. Through our Access Management Platform, TrustBuilder.io, our commitment is to ensure the secure digital journey of your employees, partners, and customers. With our advanced MFA and CIAM technology, we provide uninterrupted access while safeguarding identities. > TrustBuilder's SaaS MFA provides airtight, phishing-resistant security, passwordless experience, and seamless integration. > TrustBuilder's tailor made CIAM provides PBAC delivering fine grained authorization based on attributes with customisable workflows.Starting Price: € 10 per user / per year -
33
Continuum GRC
Continuum GRC
Continuum GRC's integrated risk management solution provides a roadmap to risk reduction by delivering comprehensive, customizable, and intuitive enterprise solutions. Business operations are a complex mixture of people, processes, and technology. Enterprise and operational risk management is the singular, most important central point of aggregation for organizational risk. Continuum GRC provides a global solution to identify, assess and monitor risks consistently across the enterprise, auto-mapping between all the world's standards. Continuum GRC provides a risk-based approach to audit and regulatory controls management and consolidates the entire process within a single source of truth. Governance and policy controls management serves as the foundation for a program by outlining the structure, authority, and processes required for the organization through the clearly defined governance structure, stratification of authority, defined and well-communicated policies, etc.Starting Price: $5800.00 -
34
OpenText Data Center Automation
OpenText
Automate your service governance processes from end to end with infrastructure patching, continuous compliance management, advanced orchestration, and enterprise-scale provisioning. Run compliance audits across server OS. Visualize the results in a single compliance dashboard and then remediate according to maintenance windows and SLOs. Scan against the latest threats. Prioritize and track top vulnerabilities in a central risk dashboard. Patch according to policies, service level objectives, and maintenance windows. Standardize at build time and then scale. Use policy-aware provisioning and configurations for automated initial enforcement of compliance and patching policies. Get the broadest range of support for multivendor infrastructure. Extend integration to resources deployed by open source configuration tools to centralize compliance and risk management. -
35
Userfront
Userfront
Userfront gives you secure, pre-configured authentication & authorization that stays up to date automatically. We focus on simple setup and quality documentation to make the internet more secure. Manage users, tenants, authorization and more, all in one place. Whether it's editing records, viewing recent activity, analyzing trends, or messaging users, the dashboard has you covered. Stay on the same page with your team, and perform tasks quickly and efficiently. There are dozens of auth protocols and token exchange flows, with more added every year. Userfront gives you the best now and keeps you covered over time. Enterprise-grade RSA tokens, secure exchange and refresh, encryption at rest, properly configured cookies, forced SSL, and more. As browsers, standards, and threat models change, Userfront automatically updates you to keep your data and protocols secure.Starting Price: $140 per month -
36
Apache Sentry
Apache Software Foundation
Apache Sentry™ is a system for enforcing fine grained role based authorization to data and metadata stored on a Hadoop cluster. Apache Sentry has successfully graduated from the Incubator in March of 2016 and is now a Top-Level Apache project. Apache Sentry is a granular, role-based authorization module for Hadoop. Sentry provides the ability to control and enforce precise levels of privileges on data for authenticated users and applications on a Hadoop cluster. Sentry currently works out of the box with Apache Hive, Hive Metastore/HCatalog, Apache Solr, Impala and HDFS (limited to Hive table data). Sentry is designed to be a pluggable authorization engine for Hadoop components. It allows you to define authorization rules to validate a user or application’s access requests for Hadoop resources. Sentry is highly modular and can support authorization for a wide variety of data models in Hadoop. -
37
Sevren
Sevren
AppSec Policy as Code. Sevren programmatically consolidates all available development-environment data and uses this to provide visibility-into and automatic orchestration-of the SecDLC with a next generation ‘policy-as-code solution. AppSec Visibility at Scale. Without visibility, you have no data; without good data, good security decisions cannot be made - making intelligent-automation a non-starter. Severn enables and maintains scalable visibility into the development environment, in real time. Securely Support Business Goals. As development cycles shorten, from waterfall to short, agile sprints to continuous delivery/deployment the responsiveness of intelligent security decisions must also increase. In the modern development environment, failure to achieve intelligent-automation breaks either security or business outcomes. Audit Trail. Manually driven enforcement of AppSec policy is subject to the inconsistencies of human interpretation and error. -
38
Keycard
Keycard
Keycard is an identity-and-access infrastructure platform built for the agent-native era, enabling developers and enterprises to securely connect AI agents, users, services, and APIs with real-time, policy-driven identity controls. It issues dynamic, ephemeral access tokens in place of static secrets and supports federated identity models to unify users, agents, and workloads under a distributed authorization framework. The platform provides drop-in SDKs for popular frameworks so developers can build agent-aware applications without becoming IAM experts. Keycard’s data model includes identity-attested agents, tasks, tools, and resources, allowing logical zones with context-aware permissions and auditability. On the policy side, security teams can define deterministic, task-based rules that enforce who (user/agent) can do what (task) on which resource under which conditions, all with full transparency. -
39
Airlock
Airlock
Airlock's Secure Access Hub protects applications, APIs and data from identity theft and the most common attacks on Web applications. Security meets convenience, Airlock offers your customers a customer journey without media breaks with single sign-on, social registration, comprehensive user self-services and consent management. Acting in line with the market means reacting quickly. The Airlock Secure Access Hub therefore provides all important security functions such as registration, authentication and self services. So you can concentrate all your IT resources on your business processes. The Airlock Secure Access Hub helps to meet all international compliance standards - from GDPR over PSD2, PCI-DSS, OWASP to MAS. The upstream enforcement point for access policies onto applications and services allows compliance with regulations without having to make adjustments in each individual application. -
40
SecuPi
SecuPi
SecuPi provides an overarching data-centric security platform, delivering fine-grained access control (ABAC), Database Activity Monitoring (DAM) and de-identification using FPE encryption, physical and dynamic masking and deletion (RTBF). SecuPi offers wide coverage across packaged and home-grown applications, direct access tools, big data, and cloud environments. One data security platform for monitoring, controlling, encrypting, and classifying data across all cloud & on-prem platforms seamlessly with no code changes. Agile and efficient configurable platform to meet current & future regulatory and audit requirements. No source-code changes with fast & cost-efficient implementation. SecuPi’s fine-grain data access controls protect sensitive data so users get access only to data they are entitled to view, and no more. Seamlessly integrate with Starburst/Trino for automated enforcement of data access policies and data protection operations. -
41
kpt
kpt
kpt is a package-centric toolchain that enables a WYSIWYG configuration authoring, automation, and delivery experience, which simplifies managing Kubernetes platforms and KRM-driven infrastructure at scale by manipulating declarative configuration as data, separated from the code that transforms it. Most Kubernetes users either manage their resources using conventional imperative graphical user interfaces, command-line tools (kubectl), and automation (e.g., operators) that operate directly against Kubernetes APIs, or declarative configuration tools, such as Helm, Terraform, cdk8s, or one of the dozens of other tools. At a small scale, this is largely driven by preference and familiarity. As companies expand the number of Kubernetes development and production clusters they use, creating and enforcing consistent configurations and security policies across a growing environment becomes difficult. -
42
Symatec Secure Access Cloud
Broadcom
Symantec Secure Access Cloud is a SaaS solution that enables more secure and granular access management to any corporate resource hosted on-premises or in the cloud. It uses Zero Trust Access principles in delivering point-to-point connectivity without agents or appliances, eliminating network level threats. Secure Access Cloud provides point-to-point connectivity at the application level, cloaking all resources from the end-user devices and the internet. The network-level attack surface is entirely removed, leaving no room for lateral movement and network-based threats. Its simple-to-set, fine-grained and easy-to-manage access and activity policies prevent unauthorized access to the corporate resources by implementing continuous, contextual (user, device and resource-based context) authorization to enterprise applications allowing secured employee, partners and BYOD access. -
43
ManageEngine AD360
Zoho
AD360 is an integrated identity and access management (IAM) solution for managing user identities, governing access to resources, enforcing security, and ensuring compliance. From user provisioning, self-service password management, and Active Directory change monitoring, to single sign-on (SSO) for enterprise applications, AD360 helps you perform all your IAM tasks with a simple, easy-to-use interface. AD360 provides all these functionalities for Windows Active Directory, Exchange Servers, and Office 365. With AD360, you can just choose the modules you need and start addressing IAM challenges across on-premises, cloud, and hybrid environments from within a single console. Easily provision, modify, and deprovision accounts and mailboxes for multiple users at once across AD, Exchange servers, Office 365 services, and G Suite from a single console. Use customizable user creation templates and import data from CSV to bulk provision user accounts.Starting Price: $595.00 / year -
44
ClearPass
Alcatel-Lucent Enterprise
Easily roll out BYOD services and control devices on your enterprise network with powerful network policy management. Create and enforce policies across devices and apps with the ClearPass Policy Management System. ClearPass gives you total control over your enterprise network, offering a simpler way to roll out BYOD services. You’ll be able to offload routine tasks to users through guest self-registration portals and self-service employee portals. And leverage contextual data about user roles, devices, application use, location and time of day to streamline network operations across your networks and VPNs.Create and enforce policies across your entire network. Enable users to provision and register their own devices. Use a single view to manage policies, on-board devices, admit users, manage apps and more. Advanced endpoint posture assessments and health checks ensure security compliance and network protection before devices connect and while connected. -
45
Visual Guard
Novalys
Visual Guard is an advanced identity and access management (IAM) tool offering a complete solution for securing sensitive applications and data. With centralized management of users and permissions, Visual Guard facilitates the implementation of robust, standards-compliant security policies. User management : Create, modify & delete user accounts Integration with LDAP or Active Directory directories Automatic synchronization of user information Access control : Precise definition of access rights to features and resources Role and Permission Management Multi-factor authentication (MFA) Single Sign-On (SSO) Security Audit and Monitoring : Permission Matrix Detailed Event log Real-time and Historical Graphs Integration & compatibility : Compatibility with major development platforms, frameworks, and protocols. .NET API Benefits : Simplified access management Enhanced data security Improved regulatory compliance Reduce identity management costStarting Price: 1.55/month/user -
46
Apache Ranger
The Apache Software Foundation
Apache Ranger™ is a framework to enable, monitor and manage comprehensive data security across the Hadoop platform. The vision with Ranger is to provide comprehensive security across the Apache Hadoop ecosystem. With the advent of Apache YARN, the Hadoop platform can now support a true data lake architecture. Enterprises can potentially run multiple workloads, in a multi tenant environment. Data security within Hadoop needs to evolve to support multiple use cases for data access, while also providing a framework for central administration of security policies and monitoring of user access. Centralized security administration to manage all security related tasks in a central UI or using REST APIs. Fine grained authorization to do a specific action and/or operation with Hadoop component/tool and managed through a central administration tool. Standardize authorization method across all Hadoop components. Enhanced support for different authorization methods - Role based access control etc. -
47
AWS Network Firewall
Amazon
With AWS Network Firewall, you can create firewall rules that provide fine-grained control over network traffic and easily deploy firewall security across your VPCs. Automatically scale your network firewall to protect your managed infrastructure. Protect your unique workloads with a flexible engine that can define thousands of custom rules. Centrally manage security policies across existing accounts and VPCs and automatically enforce mandatory policies on new accounts. With AWS Network Firewall, you can define firewall rules that provide fine-grained control over network traffic. Network Firewall works together with AWS Firewall Manager so you can build policies based on Network Firewall rules and then centrally apply those policies across your virtual private clouds (VPCs) and accounts. Inspect traffic flows using features such as inbound encrypted traffic inspection, stateful inspection, protocol detection, and more. -
48
Casbin
Casbin
Casbin is an open-source authorization library that supports various access control models, including Access Control Lists (ACL), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC). It is implemented in multiple programming languages such as Golang, Java, C/C++, Node.js, JavaScript, PHP, Laravel, Python, .NET (C#), Delphi, Rust, Ruby, Swift (Objective-C), Lua (OpenResty), Dart (Flutter), and Elixir, providing a consistent API across different platforms. Casbin abstracts access control models into configuration files based on the PERM metamodel, allowing developers to switch or upgrade authorization mechanisms by simply modifying configurations. It offers flexible policy storage options, supporting various databases like MySQL, PostgreSQL, Oracle, MongoDB, Redis, and AWS S3. The library also features a role manager to handle RBAC role hierarchies and supports filtered policy management for efficient enforcement.Starting Price: Free -
49
Panda Full Encryption
WatchGuard Technologies
Panda Full Encryption is the first line of defense to protect your data in a simple and effective way. It is a full-volume encryption solution that strengthens security against unauthorized access using established authentication mechanisms. Data encryption minimizes data exposure and provides an additional layer of security and control to your organization. data protection regulations by monitoring and enforcing BitLocker activation on Windows devices. All Aether-based solutions provide intuitive dashboards, detailed reports and change audits. Additionally, its role-based management allows administrators to implement different authorization levels and different policies for groups and devices from a single centralized web console. -
50
OpenPMF
ObjectSecurity
OpenPMF captures policies in generic terms rather than specific technical rules, reducing the need for frequent updates. For example, in dynamic IoT/IIoT environments, it automatically generates security enforcement rules by analyzing these generic policies alongside changes in applications and their interactions. This method ensures policies remain manageable in large, evolving IT/OT landscapes, leading to significant maintenance cost savings. OpenPMF’s patented technology makes policy management both efficient and adaptable. In its most basic form, OpenPMF’s policy automation steps involve importing, authoring, and generating: OpenPMF is customizable for your particular business and IT landscape. While it comes with its own (optional) policy enforcement features, we currently offer pre-developed 3rd integrations and support for a wide range of technologies right out of the box, and other technologies supported upon request.
