Alternatives to Corsha
Compare Corsha alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Corsha in 2026. Compare features, ratings, user reviews, pricing, and more from Corsha competitors and alternatives in order to make an informed decision for your business.
-
1
Securden Password Vault for Enterprises
Securden, Inc
Securden Password Vault for Enterprises is a scalable, enterprise-grade credential management solution available in both cloud (SaaS) and on-premise deployments. It centralizes the storage of passwords, SSH keys, DevOps secrets, files, and other sensitive data in an AES-256 encrypted vault, helping organizations enforce strong security controls and defend against insider and external threats. The solution enables secure credential storage, granular access controls, automated password rotation, and just-in-time access while providing full visibility through audit logs, session recordings, and real-time alerts. IT teams can launch secure remote connections such as RDP, SSH, and SQL directly from the vault without exposing credentials. Trusted by enterprises worldwide, Securden helps organizations strengthen security posture, streamline credential governance, improve operational efficiency, and meet compliance requirements across industries. -
2
GitGuardian
GitGuardian
GitGuardian is an end-to-end NHI security platform that empowers software-driven organizations to enhance their Non-Human Identity (NHI) security and comply with industry standards. With attackers increasingly targeting NHIs, such as service accounts and applications, GitGuardian integrates Secrets Security and NHI Governance. This dual approach enables the detection of compromised secrets across your dev environments while also managing non human identities and their secrets lifecycle. The platform supports over 450+ types of secrets, offers public monitoring for leaked data, and deploys honeytokens for added defense. Trusted by over 600,000 developers, GitGuardian is the choice of leading organizations like Snowflake, ING, BASF and Bouygues Telecom for robust secrets protection.Starting Price: $0 -
3
Zscaler
Zscaler
Zscaler, creator of the Zero Trust Exchange platform, uses the largest security cloud on the planet to make doing business and navigating change a simpler, faster, and more productive experience. The Zscaler Zero Trust Exchange enables fast, secure connections and allows your employees to work from anywhere using the internet as the corporate network. Based on the zero trust principle of least-privileged access, it provides comprehensive security using context-based identity and policy enforcement. The Zero Trust Exchange operates across 150 data centers worldwide, ensuring that the service is close to your users, co-located with the cloud providers and applications they are accessing, such as Microsoft 365 and AWS. It guarantees the shortest path between your users and their destinations, providing comprehensive security and an amazing user experience. Use our free service, Internet Threat Exposure Analysis. It’s fast, safe, and confidential. -
4
SlashID
SlashID
Identity is the most common vector for lateral movement and data breaches. SlashID helps you build a secure, compliant, and scalable identity infrastructure. Manage the creation, rotation and deletion of identities and secrets in a single place. Complete inventory of all your identities and secrets, multi-cloud. Detect initial access, privilege escalation, and lateral movement across your IdPs and cloud environments. Add authentication, authorization, conditional access, and tokenization to your services. Detect leaked key materials in real-time and prevent data breaches by rotating them. Automatically block, suspend, rotate or enforce MFA on a detection to reduce the impact of an attack. Add MFA and conditional access to your applications. Add authentication, authorization, credential tokenization, and conditional access to your APIs and workloads. -
5
Xage
Xage Security
Xage Security is a cybersecurity company that provides zero trust asset protection for critical infrastructure, industrial IoT, and operational technology (OT) environments. Xage's Fabric Platform underpins all of its products and use cases, defending assets against attacks across OT, IIoT, IT, and the cloud. Xage's zero trust approach to security is based on the principle of "never trust, always verify." This means that Xage authenticates all users and devices before granting access to any assets. Xage also enforces granular access policies based on user identity, context, and asset risk. Xage's products include: Zero Trust Remote Access Identity-Based Access Management Zero Trust Data Exchange Xage's products are used by a wide range of organizations, including government agencies, utilities, and industrial manufacturers. Xage's customers rely on Xage to protect their critical infrastructure, OT assets, and industrial data from cyberattacks. -
6
Belden Horizon Console
Belden
Belden Horizon is an industrial-grade software suite designed to provide secure remote connectivity, edge orchestration, and operational-technology (OT) data management for factories, plants, and other mission-critical infrastructure. At its core, the Belden Horizon Console enables Secure Remote Access (SRA) and persistent, always-on connectivity (via Persistent Data Network, PDN), allowing technicians or service providers to safely connect to remote machines or networks for troubleshooting, maintenance, or monitoring, without requiring complex IP routing or exposing the broader network. Horizon uses a zero-trust, multilayered security model including token-based two-factor authentication, role-based user and device access, encrypted tunnels, single sign-on (Active Directory), user-configurable password policies, IP allow lists, and a “virtual Lockout-Tagout (vLOTO)” permission system before granting connections to machines. -
7
Knox
Pinterest
Knox is a secret management service. Knox is a service for storing and rotation of secrets, keys, and passwords used by other services. Pinterest has a plethora of keys or secrets doing things like signing cookies, encrypting data, protecting our network via TLS, accessing our AWS machines, communicating with our third parties, and many more. If these keys become compromised, rotating (or changing our keys) used to be a difficult process generally involving a deploy and likely a code change. Keys/secrets within Pinterest were stored in git repositories. This means they were copied all over our company's infrastructure and present on many of our employees laptops. There was no way to audit who accessed or who has access to the keys. Knox was built to solve these problems. Ease of use for developers to access/use confidential secrets, keys, and credentials. Confidentiality for secrets, keys, and credentials. Provide mechanisms for key rotation in case of compromise. -
8
Keyfactor EJBCA
Keyfactor
EJBCA is an Enterprise grade PKI platform capable of issuing and managing digital certificates in the billions. One of the most used PKI platforms globally, it is used by governments and large enterprises across all sectors. PKI shouldn't be complex. Simplify it, with EJBCA® Enterprise, the only PKI platform that deploys fast, runs anywhere, and scales on-demand — so you can issue and manage thousands, even billions of certificates, no problem. Powered by the most trusted and widely used open-source PKI, EJBCA Enterprise empowers teams to establish trust with identity-first security for every human and machine, anywhere. Replace legacy CA solutions with a flexible and scalable PKI platform to issue and manage certificates for devices, workloads, and users. Embed certificate-based identity into thousands or millions of connected products with a fast and scalable PKI solution. -
9
HashiCorp Vault
HashiCorp
Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API. Secure applications and systems with machine identity and automate credential issuance, rotation, and more. Enable attestation of application and workload identity, using Vault as the trusted authority. Many organizations have credentials hard coded in source code, littered throughout configuration files and configuration management tools, and stored in plaintext in version control, wikis, and shared volumes. Safeguarding and ensuring that a credentials isn’t leaked, or in the likelihood it is, that the organization can quickly revoke access and remediate, is a complex problem to solve. -
10
Unbound CORE Identity Security
Unbound Security
Authenticate users and machines and protect PKI – seamlessly across all locations and devices. Create virtual enclaves for mobile and for desktop with maximum security and without sacrificing the user experience. Authenticate user access and identify simply and securely with CORE virtual secure enclave SDK. Mobile, desktop, or server-side enabled – CORE keeps credentials safe even if the user’s personal device is compromised. Build virtual smartcards, protect mobile apps, and more with pure software agility. Integrate strong two-factor and multi-factor authentication into a mobile app – no hardware, no one-time password, no software token required. Replace traditional smartcards with virtual ones to authenticate employees and reduce operational strain and total cost of ownership. Protect machine and human electronic identities and the root certificate authority which oversees them. Protecting PII with maximum security, best user experience. -
11
Entro
Entro Security
Non-Human Identity & Secrets Security Platform. A pioneer in non-human identity management, Entro enables organizations to securely utilize non-human identities and secrets, overseeing their usage and automating their lifecycle from inception to rotation. Secrets-based cyber attacks are devastating and growing as more and more secrets are created by R&D teams and spread across various vaults and repositories with no real secret management, monitoring, or security oversight. Streamline and secure your non-human identity lifecycle management. With Entro, security teams can now oversee and protect Non-human identities with automated lifecycle management and seamless integration, ensuring comprehensive security & compliance through a unified interface. -
12
Onboardbase
Onboardbase
Onboardbase is the a secret management infrastructure platform that provides single source of shared truth for app secrets and usage. It helps dev teams securely share and work with environment-specific configs at every development stage, synced across infrastructure without compromising security - this means development teams can focus on building great apps rather than managing secrets and data. Secrets are dynamically kept up to date across your environments and infrastructure, with 50+ integrations and growing. Dev teams can monitor and audit how long, where and when your secrets are used and revoke usage anywhere with a click. Powerful always-on codebase scanning features prevent developers from accidentally leaking secrets to production, maintaining a robust security model.Starting Price: Free -
13
Entrust Identity Enterprise
Entrust
The world's most proven on-prem identity & access management (IAM) solution for strong digital security. Identity Enterprise is an integrated IAM platform that supports a full suite of workforce, consumer, and citizen use cases. Ideally suited for high-assurance applications that require a Zero Trust approach for thousands or millions of users, Identity Enterprise can be deployed on-premises or as a virtual appliance. Never trust, always verify. Protect your organization and user communities both inside and outside the perimeter. Secure workforce, consumer, and citizen identities with high assurance use case coverage including credential-based access, smart card issuance, and best-in-class MFA. Limit user friction with adaptive risk-based authentication, passwordless login, and cloud app federation. Option to use digital certificates (PKI) for a higher level of security when and where warranted, either with a physical smart card or a virtual smart card. -
14
Secomea
Secomea
Secomea Prime is a secure-remote-access and industrial IoT solution purpose-built for operational technology and industrial control systems. It enables technicians, vendors, and maintenance teams to access, program, troubleshoot, and maintain machines (PLCs, HMIs, SCADA, DCS, RTUs, etc.) remotely, from any device and location, without needing VPNs, open ports, or inbound traffic. Secomea includes a turnkey gateway (hardware or software), SiteManager, that connects to legacy and modern OT equipment and supports a variety of protocols, including Modbus, Ethernet/IP, serial/USB, Layer-2 tunneling, and more. Once deployed (often in under a day per site), Secomea provides unified remote-access management via GateManager and LinkManager; administrators set granular, role-based access controls and authenticate users securely (e.g., via MFA or SSO such as Azure AD or Okta), then track, log, and record every session for audit, compliance, and troubleshooting purposes. -
15
AhnLab CPS PLUS
AhnLab
AhnLab CPS PLUS is a unified “CPS protection” platform engineered to secure cyber-physical systems, covering operational-technology endpoints and networks as well as IT systems connected to OT. It addresses how OT environments, historically isolated and stable, have increasingly become intertwined with IT networks, increasing attack surfaces and risk for industrial operations. CPS PLUS offers extensive coverage across both IT and OT domains using a platform-centric architecture wherein multiple security modules interoperate under a central management console, AhnLab ICM. It implements a systematic threat-management workflow of identify, detect, and respond, enabling continuous asset visibility, network monitoring, vulnerability assessment, and threat detection without compromising system stability. Its multi-layered defense incorporates firewall, intrusion prevention (IPS), DDoS mitigation, sandboxing, and other protective modules. -
16
BeyondTrust Endpoint Privilege Management
BeyondTrust
Eliminate unnecessary privileges and elevate rights to Windows, Mac, Unix, Linux and network devices without hindering productivity. Our experience implementing across over 50 million endpoints has helped create a deployment approach with rapid time to value. Available on-premise or in the cloud, BeyondTrust enables you to eliminate admin rights quickly and efficiently, without disrupting user productivity or driving up service desk tickets. Unix and Linux systems present high-value targets for external attackers and malicious insiders. The same holds true for networked devices, such as IoT, ICS and SCADA. Gaining root or other privileged credentials makes it easy for attackers to fly under the radar and access sensitive systems and data. BeyondTrust Privilege Management for Unix & Linux is an enterprise-class, gold-standard privilege management solution that helps security and IT organizations achieve compliance. -
17
AWS Secrets Manager
Amazon
AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Users and applications retrieve secrets with a call to Secrets Manager APIs, eliminating the need to hardcode sensitive information in plain text. Secrets Manager offers secret rotation with built-in integration for Amazon RDS, Amazon Redshift, and Amazon DocumentDB. Also, the service is extensible to other types of secrets, including API keys and OAuth tokens. In addition, Secrets Manager enables you to control access to secrets using fine-grained permissions and audit secret rotation centrally for resources in the AWS Cloud, third-party services, and on-premises. AWS Secrets Manager helps you meet your security and compliance requirements by enabling you to rotate secrets safely without the need for code deployments.Starting Price: $0.40 per month -
18
Cyolo
Cyolo
Cyolo provides your global workforce with convenient and secure access to applications, resources, workstations, servers and files, regardless of their location or the device used. Cyolo’s Zero Trust platform is built for easy deployment and scales with minimal effort, supporting a wide range of business needs, growth and expansion. The Cyolo platform grants access to the authorized asset and not to the network itself, allowing you to achieve your security objectives without compromising business needs or user experience. Cyolo’s platform enhances visibility and control by applying granular policies and enabling real-time supervised access and session recording. This gives you a full audit trail that can integrate with your existing SIEM solution. Enable granular policies based on user ID, device ID, application, time and action, user & device location. Enable session recordings for risky users. -
19
StrongKey
StrongKey
StrongKey has been in the PKI business for almost 20 years, with implementations across the globe in a diverse range of applications. StrongKey Tellaro provides a full public key infrastructure (PKI) platform for managing keys and digital certificates. With a built-in hardware security module (HSM) and EJBCA server, customers are able to issue digital certificates with our Tellaro E-Series based on securely generated public keys. Private keys are generated and stored within the HSM. Our PKI management solution integrates with TLS/SSL, identity access management (IAM), digital signature, secrets management, and device management systems. StrongKey Tellaro is a comprehensive software suite that provides strong authentication, encryption, tokenization, PKI management, and digital signature management. Our open-source software includes a FIDO® Certified FIDO2 server, and we support flexible data center and cloud deployment models. -
20
Britive
Britive
Permanent elevated privileges leave you open to increased data loss & account damage due to insider threats & hackers 24/7. Temporarily granting & expiring Just In Time Privileges with Britive instead minimizes the potential blast radius of your privileged human and machine identities. Maintain zero standing privileges (ZSP) across your cloud services, without the hassle of building a DIY cloud PAM solution. Hardcoded API keys and credentials, typically with elevated privileges, are sitting targets for exploits, and there are 20x more machine IDs using them than there are human users. Granting & revoking Just-in-Time (JIT) secrets with Britive can significantly reduce your credential exposure. Eliminate static secrets & maintain zero standing privileges (ZSP) for machine IDs. Most cloud accounts become over-privileged over time. Contractors & employees often maintain access after they leave. -
21
CyberArk Machine Identity Security
CyberArk
CyberArk Machine Identity Security provides comprehensive protection for all machine identities, including secrets, certificates, workload identities, and SSH keys. The platform offers centralized visibility and scalable automation to secure these non-human identities throughout their lifecycle. Designed to help organizations reduce risk and maintain resilience, CyberArk ensures secure machine identity management across on-premises, cloud, and hybrid environments. -
22
Accops HyID
Accops Systems
Accops HyID is a futuristic identity and access management solution that safeguards critical business applications and data from misuse by internal as well as external users, by managing user identities and monitoring user access. HyID provides enterprises with strong control over endpoints, enabling contextual access, device entry control and flexible policy framework. The out-of-the-box MFA is compatible with all modern and legacy apps, cloud and on-prem apps. It enables strong authentication based on OTP delivered via SMS, email and app, biometrics, and device hardware ID & PKI. Single sign-on (SSO) feature provides better security and convenience. Organizations can monitor security posture of the endpoints, including BYOD devices, and grant or deny access based on real-time risk assessment. -
23
Armis Centrix
Armis
Armis Centrix™ is a comprehensive cyber exposure management platform that provides continuous, real-time visibility and protection across IT, OT, IoT, and IoMT environments. Powered by the Armis AI-driven Asset Intelligence Engine, it identifies every connected device, assesses cyber risk, and monitors vulnerabilities across an organization’s entire digital attack surface. The platform automates risk scoring, streamlines compliance reporting, and supports rapid incident response through deep asset intelligence. With capabilities that span asset management, OT/IoT security, medical device protection, and early warning threat detection, Armis Centrix™ enhances operational resilience for modern enterprises. VIPR Pro adds advanced prioritization and remediation to connect findings directly to actionable fixes. Designed as a cloud-native, frictionless platform, Armis Centrix™ empowers organizations to reduce exposure, strengthen security posture, and maintain continuity at scale. -
24
Clutch
Clutch
Clutch is addressing the increasingly critical challenge of non-human identity security within modern enterprises. As digital infrastructures expand and become more complex, the management and security of non-human identities, ranging from API keys and secrets to tokens and service accounts, have emerged as a pivotal yet often neglected aspect of cybersecurity. Recognizing this gap, Clutch is developing an enterprise platform dedicated to the comprehensive protection and management of these identities. Our solution is designed to fortify the digital backbone of enterprises, ensuring a secure, resilient, and trustworthy environment for their operations. Ever expanding, outpacing human identities by a staggering ratio of 45 to 1. Holds critical privileges and extensive access, essential for mission-critical automated processes. Lacks inherent security controls such as MFA and conditional access policies. -
25
Axiad Cloud
Axiad Cloud
Systematically authenticate across all users, machines, and interactions with a cloud-based, complete, and flexible authentication platform. Axiad helps organizations move to a passwordless future without the friction and risk of fragmented solutions and ultimately improve their cybersecurity posture and empower their end users. Establish best practices for user security, eliminate silos, and meet compliance requirements with enterprise-grade passwordless MFA. Establish best practices for user security, eliminate silos, and meet compliance requirements with government-grade phishing-resistant authentication. Go beyond an in-place IAM product, establish best practices for user security, and meet compliance requirements with passwordless and phishing-resistant MFA. Enhance machine identity authentication and improve overall security with a unified, highly customizable PKI solution. -
26
Shape protects web and mobile applications and API endpoints from these sophisticated automation attacks that would otherwise result in large scale fraud. To websites and mobile applications, attackers appear virtually identical to genuine users by hijacking their devices, simulating human behavior, and leveraging stolen identities. Attackers rapidly evolve tools and methods, making it nearly impossible for apps or even humans alone to tell the difference between real and fake. Shape solutions leverage artificial intelligence and machine learning, among other technologies, to accurately determine in real-time if an application request is from a fraudulent source, and if so, effectively mitigate. As soon as new countermeasures are deployed, 5%-10% of attackers will typically attempt to retool and start a new attack. Shape solutions adapt and maintain full efficacy even as attackers evolve.
-
27
MetaDefender OT Access
OPSWAT
MetaDefender OT Access enables secure, just-in-time remote access to Operational Technology (OT) and Cyber-Physical Systems (CPS), allowing both internal employees and external vendors to connect safely over mutually authenticated, outbound-only TLS tunnels without exposing OT networks to inbound traffic risks. It supports various industrial and IT protocols (e.g., Ethernet/IP, MODBUS, OPC UA, S7Comm, Telnet, SSH, RDP, HTTPS), enabling compatibility across a wide range of legacy and modern OT infrastructure. Depending on deployment mode, the solution can be cloud-managed (with remote configuration via AWS-hosted services) or on-premises (with a local Management Console), making it suitable for both internet-connected and air-gapped environments. It leverages components such as an Admin UI, Windows client (or service-level client), and a Management Console (in on-site deployments) to manage connections and enforce security policies. -
28
ConsoleWorks
TDi Technologies
ConsoleWorks is a unified IT/OT cybersecurity and operations platform designed for privileged-access users. ConsoleWorks delivers secure, persistent remote access and full management of permissions, enabling organizations to control access to operating systems, network devices, configuration ports, servers, storage, applications, and more under a centralized, role-based access control model. It operates agent-lessly: instead of installing software agents on each asset, ConsoleWorks maintains a constant, secure connection that works regardless of an asset’s state (powered on/off, OS up/down), giving “out-of-band” control and visibility. It monitors and logs every privileged action, down to the keystroke, offering continuous auditing, session recording, configuration monitoring, patch and asset-inventory tracking, and automatic detection of configuration changes. -
29
AppViewX CERT+
AppViewX
The AppViewX CERT+ platform provides users with a full-cycle certificate management suite, enabling 360-degree control and visibility into network infrastructures. It permits the handling of certificate operations such as renewals, revocation, and provisioning from a single interface, and is ingrained with workflow automation, dynamic monitoring, and auditing capabilities. The platform is built for convenience, and drastically reduces the errors, outages, and downtime caused by improper management of PKI. AppViewX software can be deployed in the Linux virtual machines on all AWS elastic compute cloud (EC2), Azure Compute and Google Compute Engine using thesoftware installer. Contact AppViewX team from the Azure and Google Cloud marketplace listings. CERT+ has API integrations with private CA certificate authority services. Certificates can be seamlessly enrolled from these services and used on any devices or applications being managed via CERT+. -
30
CyLock
Cybernexa
Cybernexa, a global leader in information security, pioneers cutting-edge solutions such as CyLock MFA, SSO, ADPass, and PKI. Committed to innovation, our robust products address the dynamic security needs of today's mobile-centric environment. Offering seamless integration, CyLock MFA ensures multi-factor authentication, while CyLock SSO simplifies access to multiple systems. Manage Active Directory securely with CyLock ADPass, and fortify data integrity with CyLock PKI's encryption. Beyond products, our dedicated team delivers comprehensive cybersecurity compliance services, ensuring your organization stays ahead of threats. Choose Cybernexa for unparalleled security innovation, global reach, and comprehensive services tailored to diverse sectors. -
31
BlastShield
BlastWave
BlastShield is a zero-trust, software-defined perimeter solution designed to protect critical IT and OT assets by rendering them invisible and inaccessible to unauthorized users. It establishes an encrypted, peer-to-peer overlay network that cloaks protected devices and data from network scanning or traffic analysis tools, preventing credential theft, reconnaissance, and lateral movement. BlastShield combines phishing-resistant, passwordless multi-factor authentication (including mobile authenticators or FIDO2 keys), microsegmentation, data-in-motion encryption, and policy-based access controls to ensure only explicitly authorized devices and users can connect. It supports deployment across a wide range of network environments, TCP/IP, SCADA, SD-WAN, or even raw Ethernet, and can protect everything from legacy OT/ICS equipment, sensors, PLCs, HMIs, cloud VMs, and virtual infrastructure.Starting Price: Free -
32
SurePassID
SurePassID
SurePassID is an advanced, deploy-anywhere multi-factor authentication platform built to secure both IT and OT (operational technology) environments, including critical infrastructure, legacy systems, on-premise, air-gapped, hybrid cloud, or fully cloud-based operations. It supports a wide variety of authentication methods; passwordless, phishing-resistant approaches like FIDO2/WebAuthn (with FIDO2 PIN, biometric, or push), as well as one-time passwords (OTP via OATH HOTP/TOTP), mobile push, SMS, voice, and traditional methods. SurePassID integrates with common operating systems, including domain and local logins, RDP/SSH remote access, and even legacy or embedded Windows systems often found in OT/ICS/SCADA environments, enabling offline 2FA when needed. It also supports securing VPNs, network devices, appliances, legacy applications, web apps (via SAML 2.0 or OIDC identity provider functionality), and network-device access protocols.Starting Price: $48 per year -
33
Token Security
Token Security
Token Security accelerates secure enterprise adoption of Agentic AI by discovering, managing, and governing every AI agent and non-human identity across the organization. From continuous visibility to least-privilege enforcement and lifecycle management, Token Security provides complete control over AI and machine identities, eliminating blind spots, reducing risk, and ensuring compliance at scale. -
34
Evo Security
Evo Security
Eliminate credential sharing, establish powerful administrative permissions, mass deploy login security for your customers, and meet insurance and compliance requirements with Evo Security. EPIC is the next evolutionary step for MSPs, MSSPs, NOCs, and SOCs seeking to reduce credential sharing risk and secure logins for endpoints, network devices, and web applications all-in-one. The big secret about managed services is that MSP administrators are forced to share customer passwords and MFA codes internally. Password Managers and other Password Rotation tools offer sharing convenience with some iterative improvements, however ultimately propagate the same problem. With cybercriminals targeting MSPs more than ever, and regulation mandates demanding a better way, this involuntary poor practice has run its course. Easily accommodate managed or co-managed Customer scenarios when technicians and administrators need access to the Evo platform using the Evo Privileged Access Manager. -
35
LinkGuard
Blue Ridge Networks
LinkGuard from Blue Ridge Networks is a cybersecurity and network-segmentation solution designed to secure critical IT and OT (operational technology) assets by placing them inside a “stealth” overlay that isolates, conceals, encrypts, and authenticates access to sensitive systems. LinkGuard uses a zero-trust, high-assurance cryptographic overlay (called CyberCloak) that creates separate secure Layer-2 network enclaves, segregating protected systems from the general network and each other, thereby dramatically reducing the attack surface without requiring changes to existing network infrastructure. Because LinkGuard operates as an overlay rather than replacing underlying networking or requiring reconfiguration of IP addressing, it can rapidly deploy using pre-configured cryptographic devices (like BorderGuard) and/or client-side agents, enabling secure remote access across distributed sites. -
36
XONA
XONA
XONA enables frictionless user access that’s purpose-built for operational technology (OT) and other critical infrastructure systems. Technology agnostic and configured in minutes, XONA’s proprietary protocol isolation and zero-trust architecture immediately eliminates common attack vectors, while giving authorized users seamless and secure control of operational technology from any location or device. With integrated multi-factor authentication, user-to-asset access controls, user session analytics, and automatic video recording, XONA is the single, secure portal that connects the cyber-physical world and enables critical operations to happen from anywhere with total confidence and trust. XONA enables users to connect to critical assets and systems from anywhere securely. See how a technician quickly logs into a XONA CSG and authenticates, allowing them to connect to an HMI and address any issues remotely. -
37
Sepio
Sepio
Detect, accurately identify, and manage your asset risks based on existence, not behavior. Augmented by OSINT data sources and internal cyber research, Sepio provides up-to-date intelligence on known asset vulnerabilities, so you don’t have to chase them. Granular parameters allow you to create and customize multiple differentiated policies that govern your entire ecosystem of IT, OT, and IoT assets so you have flexibility when it comes to managing your risks. Automated policy enforcement ensures immediate and uniformly applied action saving you from manual intervention so you can respond to asset risks and threats faster. Integration with third-party tools allows for expanded policy actions. Complete visibility to all of your assets, whether connected as a peripheral or a network element. Mitigate risks from uncontrolled or spoofing assets. Easy to operate, requiring low maintenance and minimal human intervention. -
38
Keywhiz
Keywhiz
Keywhiz is a system for managing and distributing secrets. It can fit well with a service oriented architecture (SOA). Here is an overview in presentation format. Common practices include putting secrets in config files next to code or copying files to servers out-of-band. The former is likely to be leaked and the latter difficult to track. Keywhiz makes managing secrets easier and more secure. Keywhiz servers in a cluster centrally store secrets encrypted in a database. Clients use mutually authenticated TLS (mTLS) to retrieve secrets they have access to. Authenticated users administer Keywhiz via CLI. To enable workflows, Keywhiz has automation APIs over mTLS. Every organization has services or systems that require secrets. Secrets like TLS certificates/keys, GPG keys, API tokens, database credentials. Keywhiz is reliable and used in production, however occasional changes may break API backward compatibility. -
39
Dispel
Dispel
The industry's fastest remote access system that exceeds cybersecurity standards. Remote access is useful only if your team chooses to use it. That means it must be more than a security spec sheet. It must be fast, intuitive, and yes, look good. A person on a company's warehouse tablet selects the system they need to reach. Device and protocol whitelisting are hidden from view. The intense escalation of demand under COVID broke the administrative processes underlying most remote access systems. Reestablish and maintain coherent control of your networks using Dispel, a platform built to condense information to the essentials and automate the task waterfalls that would otherwise bog down changepoint decisions. A vendor requests access through a form by defining their identity, reason for access, access scope, and time frame. The request is logged and automatically sent to an administrator, who can approve or deny the request. -
40
Silverfort
Silverfort
Silverfort’s Unified Identity Protection Platform is the first to consolidate security controls across corporate networks and cloud environments to block identity-based attacks. Using innovative agentless and proxyless technology, Silverfort seamlessly integrates with all existing IAM solutions (e.g., AD, RADIUS, Azure AD, Okta, Ping, AWS IAM), extending coverage to assets that could not previously have been protected, such as legacy applications, IT infrastructure, file systems, command-line tools, and machine-to-machine access. Our platform continuously monitors all access of users and service accounts across both cloud and on-premise environments, analyzes risk in real time, and enforces adaptive authentication and access policies. -
41
Neeve
Neeve
Making spaces work for people relies on a solid technology foundation. Neeve’s edge cloud infrastructure is a secure and scalable foundation for building operations, sustainability, and innovation. A unified platform to cyber secure your building, deploy smart building applications, unlock building data, and accelerate your journey to the cloud. Over a billion data points from all RXR buildings are now accessible through one centralized platform, enabling comprehensive analysis. Secure Edge provides a robust, auditable platform, that mitigates cybersecurity risks. Time-bound access and reduced vendor fees lead to streamlined equipment management, reduced truck rolls, and significant cost savings. Certified secure and deployed globally by leading companies. Neeve is an edge cloud platform transforming smart buildings and spaces, making them more secure, smarter, and more sustainable. -
42
HID IdenTrust
HID
Comprehensive lifecycle management of every certificate in your network for on-premise or cloud-based PKI deployments. Easily migrate from existing certificate authority with policy-based automated issuance, renewal and revocation, eliminating manual processes and related errors. Enterprises increasingly rely on public key infrastructure (PKI) to secure machines, devices, and human access using keys and digital certificates. In partnership with Keyfactor, HID IdenTrust offers a way to simplify PKI and automate certificate lifecycle management at scale. HID IdenTrust delivers cloud-based managed PKI to issue public, private or U.S. Government interoperable (FBCA) digital certificates to secure websites, network and IoT devices, and workforce identities. Discover every certificate across network and cloud environments with real-time inventory of public and private CAs, distributed SSL/TLS discovery tools, and direct integration with key and certificate stores. -
43
CyberArk Customer Identity
CyberArk
Delight your customers with easy and secure access to your websites and apps that keep them loyal to your business. Expectations for great digital experiences are at an all-time high. Meanwhile, the attack surface is more porous than ever. With CyberArk Customer Identity, you can securely open up your websites and apps to customers with confidence. Seamless integration, intuitive access controls and frictionless sign-on experience. Privacy, consent and identity verification in one platform. Pre-built widgets and open APIs to reduce development effort. Secure access to business apps for human and machine identities. Secure access for machine identities within the DevOps pipeline. Reduce complexity and burden on IT while improving protection of the business. Provide secure single sign-on access to your apps and services. -
44
Claroty
Claroty
Powered by our Continuous Threat Detection (CTD) and Secure Remote Access (SRA) solutions, our platform provides a full range of industrial cybersecurity controls that integrate seamlessly with your existing infrastructure, scale effortlessly, and have the industry's lowest total cost of ownership (TCO). The comprehensive industrial cybersecurity controls our platform provides revolve around the REVEAL, PROTECT, DETECT, CONNECT framework. Our platform's features empower you to achieve effective industrial cybersecurity, regardless of where you are on your industrial cybersecurity journey. The Claroty Platform is deployed across multiple industries, each with unique operational and security needs. Effective industrial cybersecurity starts with knowing what needs to be secured. Our platform removes the barriers that limit industrial networks from securely connecting to what enables the rest of the business to operate and innovate with an acceptable level of risk. -
45
Intel vPro Manageability
Intel
Intel vPro Manageability delivers a hardware-level, comprehensive remote-management solution for PC fleets. It builds on the broader Intel vPro platform, which integrates performance, multilayer security, remote management, and stability into business-grade PCs. With Manageability (via technologies such as Intel Active Management Technology, or AMT, and cloud-based tools like Intel Endpoint Management Assistant, or EMA), IT teams can remotely discover, configure, update, and repair devices anywhere, including those outside the corporate firewall. This includes out-of-band capabilities: IT can power systems on/off, boot or reboot, redirect boot to remote images, access BIOS settings, perform remote repair or reinstallation, and control keyboard/video/mouse (KVM) over IP even if the operating system is down or the PC is powered off. Meanwhile, Intel vPro’s built-in security (hardware-based protections, below-the-OS safeguards, encryption, and secure firmware/boot. -
46
OTbase
Langner
OTbase is a productivity and collaboration tool for your journey towards secure and resilient OT networks. It enables users in cyber security and engineering roles to stay on top of hyper-complex OT networks with hundreds of thousands of devices. OTbase not just inventories your OT systems automatically, it also acts as a plattform to streamline, plan, and document your digital transformation journey. OTbase provides full transparency on all aspects of your OT networks, from minute configuration details to high level KPIs in a CISO dashboard. OTbase enables cyber security experts, control engineers, maintenance experts, plant planners, process engineers, and SOC analysts to get the information they need in an instant. -
47
MSP360 Connect
MSP360
MSP360 Connect is a fast and secure remote access solution enabling remote support, helpdesk assistance, remote work, distance education, and more. It allows users to access and control Windows devices from any operating system at any time regardless of the computer’s global location. The main features: ▸ Fast and stable connection ▸ Advanced security ▸ Multi-monitor support ▸ File transfer ▸ Session recording ▸ Text and voice chat ▸ Multi-user sessionsStarting Price: $89.99 per year -
48
Honeywell Forge
Honeywell International
Honeywell Forge is a powerful analytics software solution that provides real-time data and visual intelligence. Connectivity is based on an extensible platform that is portable for deployment in any cloud or data center environment. It provides an enterprise-wide, top to bottom view, displaying the status of process, assets, people, and safety. Honeywell Forge is a persona-based solution that can be tailored to a particular role within the organization. Via digital twins, it uses real-time data to benchmark performance against best practice models, identifying opportunities. Users can drill down from an enterprise view, to site, to units, to determine details around the opportunity, including process and asset details. From there, actionable recommendations can be used to resolve problems and capture the identified benefits. -
49
Tosi
Tosi
The Tosi Platform is a purpose-built Cyber-Physical Systems platform designed specifically to secure, connect, and control Operational Technology (OT) networks and critical infrastructure. Unlike traditional IT tools adapted for OT, Tosi was engineered from the ground up for industrial environments: it supports native industrial protocols, tolerates extreme temperatures, and requires no complicated configuration. Deployment is rapid, sites can be up and running in under five minutes with a “plug-and-go” setup, allowing organizations to connect distributed infrastructure quickly and securely without specialized IT expertise. It implements a zero-trust security model with enterprise-grade protections: end-to-end 256-bit AES encryption, hardware-based authentication (with RSA keys), no open inbound ports, and ISO/IEC 27001:2022 certification. With Tosi, you get unified, centralized management through a single interface (TosiControl), enabling visual network topology views.Starting Price: Free -
50
Waterfall Security
Waterfall Security Solutions Ltd.
Waterfall Security Solutions is an industrial cybersecurity company, protecting critical industrial networks since 2007 with a lineup of hardware and software products. Waterfall has revolutionized how entire industries protect physical assets and industrial processes from cyberattacks. Waterfall’s patented, unidirectional products enable safe IT/OT integration, remote access, remote monitoring & diagnostics, cloud connectivity, and tamper-proof forensics, without the risks and threats that always accompany firewalled connectivity. Waterfall has a growing list of customers worldwide including power plants, nuclear plants, onshore/offshore platforms, refineries, rail systems, manufacturing plants, utility companies, and more. Waterfall’s products integrate with a very wide range of industrial systems and are widely recognized for simplifying compliance with security regulations, standards, and best practices.
