Alternatives to Ivanti Application Control
Compare Ivanti Application Control alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Ivanti Application Control in 2026. Compare features, ratings, user reviews, pricing, and more from Ivanti Application Control competitors and alternatives in order to make an informed decision for your business.
-
1
ManageEngine Endpoint Central
ManageEngine
ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the entire endpoint lifecycle, all from a single console. With automated patching across Windows, Mac, Linux and 1,000+ third-party applications, it ensures vulnerabilities are mitigated before attackers can exploit them. Its next-gen antivirus (NGAV) feature, powered by AI-driven behavioural detection, provides 24/7 protection against ransomware, malware, and zero-day threats. Endpoint Central further strengthens enterprise defenses with a broad set of security capabilities, including vulnerability assessment and mitigation, peripheral device control, data loss prevention, application control, endpoint privilege management, encryption with FileVault and BitLocker, and browser security. -
2
ThreatLocker
ThreatLocker
ThreatLocker is a Zero Trust Platform that prevents cyber threats by blocking unknown applications, enforcing least privilege, and controlling what can run across your environment. Using Allowlisting, Ringfencing, Network Control, and more, ThreatLocker stops ransomware, zero-day attacks, and unauthorized activity before execution, rather than relying on detection after the fact. Built for modern IT and cybersecurity teams, the platform delivers centralized visibility and policy management across endpoints, users, and applications. ThreatLocker reduces attack surface, limits lateral movement, and supports compliance with detailed audit logs. With fast deployment, a large built-in application library, and streamlined approvals, organizations can strengthen security while minimizing operational overhead and maintaining business continuity. -
3
Admin By Request Endpoint Privilege Management
Admin By Request
Admin By Request’s Endpoint Privilege Management gives organisations full control over local admin rights, application elevation, and endpoint privilege access across Windows, macOS, and Linux, without the complexity of traditional PAM solutions. For mid-market organisations, EPM acts as a complete, easy-to-deploy solution for managing endpoint access and privilege. It removes standing admin rights, enables just-in-time elevation, supports approval workflows, and provides full audit trails to strengthen security and meet compliance requirements. For enterprise organisations, EPM fits alongside existing security and identity stacks as a focused control layer that closes endpoint gaps traditional PAM solutions often leave behind, improving control without increasing support costs or requiring a full PAM overhaul. -
4
Airlock Digital
Airlock Digital
Airlock Digital is an application control solution that enforces a Deny by Default security posture. It enables organizations to define trusted applications, scripts, libraries, and processes at a granular level using file hash, path, publisher, or parent process. Only those explicitly defined as trusted are allowed to execute. The platform supports Windows, macOS, and Linux systems, including legacy operating systems and operational technology (OT) environments. Airlock Digital includes allowlisting and blocklisting capabilities, integrated file reputation checks via VirusTotal, and detailed logging for audit and compliance. Exception management is supported through features such as rule-based overrides and time-bound One-Time Passwords (OTPs). Centralized policy management allows consistent enforcement across large and distributed environments. The platform is available as an on-premises deployment, in the cloud, or as a managed hosted service. -
5
Securden Endpoint Privilege Manager
Securden
Securden Endpoint Privilege Manager (EPM) helps enterprises remove admin rights without impacting productivity on Windows, Mac, and Linux endpoints. Securden EPM helps elevate applications for standard users and grant admin rights on a Just-in-Time basis, eliminating standing privileges while maintaining seamless operations. Enforce application control using allowlisting and blocklisting, enable on-demand and policy-based granular application elevation, and manage privileges even on offline endpoints. Capabilities include JIT local admin rights, application usage tracking, and local administrator group monitoring. Secure remote access supports IT helpdesk operations, while built-in controls help meet compliance requirements such as HIPAA, PCI-DSS, GDPR, and NERC-CIP. A highly scalable architecture and wide array of integrations make Securden EPM ideal for securing enterprise endpoints at scale. -
6
Securden Unified PAM
Securden
Securden Unified PAM is a privileged access security solution that lets you discover, centrally store, organize, share, manage, and keep track of all privileged identities, passwords, keys, documents, and other identities. It helps you establish a centralized password management system, automate management with approval workflows, control ‘who’ can access ‘what’, monitor, and record all access to critical IT assets, and enforce password security best practices. The major modules of Securden Unified PAM are password management, privileged account management, secure remote access, application control, endpoint privilege management, privileged session management, and SSH key management. The platform supports compliance with NIS2, DORA, NIST, PCI-DSS, HIPAA, and ISO-IEC 27001. Installation typically takes only a few minutes, and a complete production-ready PAM can be achieved in less than a month with Securden Unified PAM. -
7
Heimdal® Endpoint Detection and Response is our proprietary multi-solution service providing unique prevention, threat-hunting, and remediation capabilities. It combines some of the most advanced threat-hunting technologies: - Next-Gen Antivirus - Privileged Access Management - Application Control - Ransomware Encryption Protection - Patch & Asset Management - Email Security - Remote Desktop - Threat Prevention ( DNS based ) - Threat Hunting & Action Center With 9 modules working together seamlessly under one convenient roof, all within one agent and one platform, Heimdal Endpoint Detection and Response grants you access to all the essential cybersecurity layers your business needs to protect itself against both known and unknown online and insider threats. Our state-of-the-art product empowers you to quickly and effortlessly respond to sophisticated malware with stunning accuracy, protecting your digital assets and your reputation in the process as well.Starting Price: $0/month
-
8
Zscaler
Zscaler
Zscaler, creator of the Zero Trust Exchange platform, uses the largest security cloud on the planet to make doing business and navigating change a simpler, faster, and more productive experience. The Zscaler Zero Trust Exchange enables fast, secure connections and allows your employees to work from anywhere using the internet as the corporate network. Based on the zero trust principle of least-privileged access, it provides comprehensive security using context-based identity and policy enforcement. The Zero Trust Exchange operates across 150 data centers worldwide, ensuring that the service is close to your users, co-located with the cloud providers and applications they are accessing, such as Microsoft 365 and AWS. It guarantees the shortest path between your users and their destinations, providing comprehensive security and an amazing user experience. Use our free service, Internet Threat Exposure Analysis. It’s fast, safe, and confidential. -
9
Delinea Privilege Manager
Delinea
Privilege Manager is the most comprehensive endpoint privilege elevation and application control solution that operates at cloud speed and scale. You can prevent malware from exploiting applications by removing local administrative rights from endpoints and implementing policy-based application controls. Privilege Manager prevents malware attacks without causing any end user friction that slows productivity. Available both on-premises and in the cloud, enterprises and fast-growing teams can manage hundreds of thousands of machines through Privilege Manager. With built-in application control, real-time threat intelligence, and actionable reporting, it is easier than ever to manage endpoints and demonstrate compliance with least privilege policies to executives and auditors. -
10
Application Control Plus is an enterprise solution that leverages application control and privilege management features to fortify endpoint security. With application discovery, rule-based whitelisting/blacklisting, management of application-specific privileges, and just-in-time access enabled for temporary requirements, this software ensures that it caters to the end-to-end application needs of businesses. Ensure complete endpoint security by creating whitelists of applications that you trust, and keep all untrusted applications out of your network. Protect your risky legacy OS machines by deploying application control policies that prevent vulnerable applications without a patch from running. Augment the security of customer-facing systems such as point-of-sale or fixed-function machines by simulating an environment under lockdown using policies run in Strict Mode.
-
11
BeyondTrust Endpoint Privilege Management
BeyondTrust
Eliminate unnecessary privileges and elevate rights to Windows, Mac, Unix, Linux and network devices without hindering productivity. Our experience implementing across over 50 million endpoints has helped create a deployment approach with rapid time to value. Available on-premise or in the cloud, BeyondTrust enables you to eliminate admin rights quickly and efficiently, without disrupting user productivity or driving up service desk tickets. Unix and Linux systems present high-value targets for external attackers and malicious insiders. The same holds true for networked devices, such as IoT, ICS and SCADA. Gaining root or other privileged credentials makes it easy for attackers to fly under the radar and access sensitive systems and data. BeyondTrust Privilege Management for Unix & Linux is an enterprise-class, gold-standard privilege management solution that helps security and IT organizations achieve compliance. -
12
WALLIX BestSafe
WALLIX Group
Eliminate the need for user accounts with elevated permissions thanks to innovative endpoint privilege management. Achieve unparalleled security across all endpoints with permissions controlled at the application and process level – without impacting user productivity. Mitigate the risks of granting administrator privileges without overburdening your IT team. Endpoint Privilege Management applies the Principle of Least Privilege with seamless and granular application-level permissions control while empowering users to work efficiently. Block ransomware, malware, and crypto viruses from entering your network, even when users hold elevated privileges. Control privileges at the application and process-level and stop encryption operations with innovative endpoint protection technology. Enforce least privilege security efficiently, with no impact on user productivity and minimizing the need for IT intervention. -
13
Ivanti User Workspace Manager delivers a unified digital workspace that simplifies desktop configuration, accelerates migrations, and secures user sessions across physical, virtual, and cloud environments. Its multi-threaded logon engine replaces slow scripts and Group Policy settings with just-in-time, context-aware personalization for lightning-fast logons, while on-demand profile management eliminates bloat and corruption by loading only required data. Application Control enforces dynamic allowed-and-denied lists with out-of-the-box templates that let only trusted executables run, and Privilege Management grants elevated rights to individual applications without exposing full admin credentials. Roaming Office 365 caches optimize performance in virtual sessions, and automatic help-desk integration enables self-service requests for emergency privilege elevation or app access. Granular policies can adapt to time, location, device, network, and user context.
-
14
The ARCON | Endpoint Privilege Management solution (EPM) grants endpoint privileges ‘just-in-time’ or ‘on-demand’ and monitors all end users for you. The tool detects insider threats, compromised identities, and other malicious attempts to breach endpoints. It has a powerful User behavior Analytics component that takes note of the normal conduct of end users and identifies atypical behavior profiles and other entities in the network. A single governance framework enables you to blacklist malicious applications, prevent data being copied from devices to removable storage, and offers fine-grained access to all applications with ‘just-in-time’ privilege elevation and demotion capabilities. No matter how many endpoints you have because of WFH and remote access workplaces, secure them all with a single endpoint management tool. Elevate privileges according to your discretion, at your convenience.
-
15
CyberFOX AutoElevate
CyberFOX
AutoElevate is a privileged access management solution designed specifically for MSPs and IT professionals. It helps organizations remove unnecessary admin rights while maintaining productivity and operational efficiency. The platform enables secure privilege elevation, ensuring users receive access only when it’s needed. AutoElevate integrates seamlessly into existing IT environments without disrupting workflows. It centralizes privilege management into a single, easy-to-use interface. By controlling access to critical systems, it reduces the risk of security breaches caused by overprivileged accounts. AutoElevate allows IT teams to secure endpoints while keeping users productive. -
16
SecureKi
SecureKi
Secure access for your business, customers, or employees with our unparalleled identity security backed by a zero–trust philosophy. When it comes to protecting your data, passwords are the weakest link. That is why multifactor authentication has become the identity and access management standard for preventing unauthorized access. Verify the identity of all users with SecureKi. Compromised access and credentials most often are the leading attack vectors of a security breach. Our comprehensive privileged access management is designed to manage and monitor privileged access to accounts and applications, alert system administrators on high-risk events, reduce operations complexity, and meet regulatory compliance with ease. Privilege escalation is at the core of most cyber-attacks and system vulnerabilities. -
17
Netwrix Endpoint Policy Manager
Netwrix
Netwrix Endpoint Policy Manager is endpoint management software designed to secure and manage devices across modern work environments. It helps IT teams control Windows and macOS endpoints, whether users are working remotely or on-site. The platform focuses on enforcing least privilege access by removing unnecessary admin rights while still allowing users to run required applications. It includes features like ransomware prevention, application control, and policy enforcement to reduce security risks. Netwrix Endpoint Policy Manager also helps improve productivity by eliminating common user access issues and speeding up system performance. IT teams can deploy and manage Group Policy settings through cloud or mobile device management systems. The software automates tasks such as software deployment, patching, and configuration management. By combining security and automation, it helps organizations maintain consistent endpoint control while reducing support workloads. -
18
Securden Unified PAM MSP
Securden
To enforce complete access governance, MSPs purchase multiple solutions at a premium. We have combined all the required modules into one unified solution that solves the most crucial challenges faced by managed IT service providers. In addition to deploying robust access controls, MSPs can generate recurring revenue streams by providing privileged access management as a service. Grant JIT-based remote access to third parties and employees. Track and record all activities for complete control. Reduce the attack surface by eliminating external and internal threats. Automate privileged access provisioning to reduce helpdesk load and eliminate unnecessary downtime. Deploy robust privileged access workflows and realize an increase in efficiency instantly. -
19
Heimdal Application Control
Heimdal®
Heimdal Application Control is a novel approach to integrative application management and user rights curation. Modular and easy to set up, App Control empowers the system administrator to create all-encompassing rule-based frameworks, streamline auto-dismissal or auto-approval flows, and enforce individual rights per Active Directory group. The tool’s uniqueness comes from its ability to perfectly pair with a (PAM) Privileged Access Management solution, imparting the user with granular oversight of software inventories and hardware assets. -
20
CyberArk Endpoint Privilege Manager
CyberArk
Your security must be as nimble as you are. Endpoint Privilege Manager can adjust in real time to give users on-demand local admin access whenever they need it. Attackers work hard to find your vulnerabilities. We work harder, by automatically blocking credential theft before it can do damage. There are millions of ransomware variations out there today. Our solution is proven to prevent 100% of ransomware attacks. Temporarily elevate end-user privileges for specific tasks, on-demand, in real-time, with minimal help desk involvement. Stop ransomware before it stops you. Take control of local admin accounts without disrupting workflow. Work anywhere on any device—while securing your assets and your reputation. Secure every device without disrupting everyday operations. -
21
Segura
Segura
Segura® (formerly senhasegura) is a cybersecurity company focused on Privileged Access Management (PAM). Its platform helps organizations secure and manage privileged identities, credentials, and secrets across hybrid and cloud environments. Segura supports use cases such as credential vaulting, session monitoring, privilege elevation, and secrets management for DevOps. Designed to simplify complex identity security challenges, Segura provides IT teams with visibility, control, and tools to reduce risk and support compliance. The company operates globally through a network of partners and serves customers across key sectors, including finance, healthcare, government, telecom, and critical infrastructure. -
22
Ivanti
Ivanti
Ivanti offers integrated IT management solutions designed to automate and secure technology across organizations. Their Unified Endpoint Management platform provides intuitive control from a single console to manage any device from any location. Ivanti’s Enterprise Service Management delivers actionable insights to streamline IT operations and improve employee experiences. The company also provides comprehensive network security and exposure management tools to protect assets and prioritize risks effectively. Trusted by over 34,000 customers worldwide, including Conair and City of Seattle, Ivanti supports secure, flexible work environments. Their solutions enable businesses to boost productivity while maintaining strong security and operational visibility. -
23
Carbon Black App Control
Broadcom
Carbon Black App Control is a robust application control solution designed to prevent malware, ransomware, and other unauthorized applications from running on endpoints. It enables organizations to enforce security policies by only allowing trusted applications to execute, reducing the risk of cyber threats and improving endpoint security. With its centralized management console, Carbon Black App Control provides visibility and control over the applications running in an organization, ensuring that all software complies with security policies. This solution offers real-time protection and detailed reporting capabilities, allowing IT teams to easily detect and respond to security incidents. -
24
Check Point Application Control
Check Point
Application Control provides the industry’s strongest application security and identity control to organizations of all sizes. Integrated into the Check Point Next Generation Firewalls (NGFW), Application Control enables businesses to easily create granular policies based on users or groups, to identify, block or limit the usage of applications and widgets. Applications are classified into categories, based on diverse criteria such as application type, security risk level, resource usage, productivity implications, and more. Granular control of social networks, applications, and application features, identify, allow, block, or limit the usage. Leverages the world’s largest application library, grouping apps into categories to simplify policy creation and protect against threats and malware. Integrated into Next Generation Firewalls enables consolidation of security controls decreasing costs. Only the right users and devices can access your protected assets. -
25
Ivanti Security Controls
Ivanti
Ivanti Security Controls is an automated patch management solution that simplifies security through unified prevention, detection, and response across physical and virtual environments. It automatically discovers vulnerabilities and missing OS or third-party application patches, then deploys updates to servers, workstations, VMs, and templates, online or offline, via agentless patching and remote task scheduling to minimize disruption. Granular privilege management implements just enough and just-in-time administration to remove full admin rights while elevating access temporarily for approved tasks. Dynamic allowlisting enforces preventive policies so only known, trusted applications can execute, supported by a data-gathering mode that monitors application usage to refine controls and eliminate false positives. CVE-to-patch list creation automates grouping of relevant updates from any vulnerability assessment, and REST APIs enable integration and orchestration. -
26
Osirium
Osirium
In the current world of outsourcing, it can be hard to see who has privileged access to what on your systems. These days, the lowest-paid people have the highest privileges - and they may not even work for your organization. Osirium readdresses this balance for end-user organizations and uniquely allows MSSPs to manage tens of thousands of account credentials, outsource safely and keep their clients happy on the compliance front. Those “admin” accounts can make substantial changes to those systems. For example, they can access valuable corporate IP, reveal personally identifiable information (PII), or control how customers, staff, and partners do their work. It's also worth considering the need to protect other accounts such as the corporate Facebook, Instagram, and LinkedIn accounts as improper use could cause significant reputational damage. It’s no surprise that these accounts are the most prized targets for cyber attackers as they are so powerful. -
27
Secuve TOS
Secuve
SECUVE TOS provides stonr user authentication based on digital signature and supports multiple access control policies. To control access privilege to illegal intruders including hackers, crackers and unauthorized internal users. Prevent forgery of modification of homepage or files, and data leakage. Protect computer systems againsts a variety of attacks resulting from security flaws inherent in operating systems. Detection and prevention of unauthorized network access to systems. Control over the execution of critical commands which can affect system operation. Delegation triggered when a system administrator executes a command requiring administrative privileges. Delegation triggered when the users of specific systems require the sessions for managing accounts. Event audit of user processes or background processes at the kernel level. -
28
PC Matic
PC Matic
PC Matic Pro's application whitelisting is a critical preventative layer of cyber-protection that resides on top of other endpoint security solutions. zero trust whitelisting solutions prevent hacking and cyber-attacks. Block all malware, ransomware, and malicious scripts from executing. Protect your business data, users, and network with our whitelist cybersecurity solution. PC Matic Pro represents a long overdue shift in the cybersecurity industry to absolute prevention. Today's threats to critical infrastructure, industry, and all levels of government demand nothing less. PC Matic Pro provides a patented default-deny security layer at the device that blocks all unknown executions without introducing headaches for IT. Unlike traditional security solutions, customer infections aren’t required to strengthen the whitelist architecture. Local overrides can be added after prevention with a focus on accuracy and without concern for responding to an already active infection.Starting Price: $50 per year -
29
Microsoft Intune
Microsoft
Transform IT service delivery for your modern workplace. Simplify modern workplace management and achieve digital transformation with Microsoft Intune. Create the most productive Microsoft 365 environment for users to work on devices and apps they choose, while protecting data. Securely manage iOS, Android, Windows, and macOS devices with a single endpoint management solution. Streamline and automate deployment, provisioning, policy management, app delivery, and updates. Stay up to date with a highly scalable, globally distributed cloud service architecture. Leverage the intelligent cloud for insights and baselines for your security policies and configuration settings. Help safeguard data when you don’t manage devices used by employees or partners to access work files. Intune app protection policies provide granular control over Office 365 data on mobile devices. -
30
Trellix Application Control
Trellix
Advanced persistent threats (APTs) to control points, servers, and fixed devices via remote attack or social engineering make it increasingly difficult to protect your business. Trellix Application Control helps you outsmart cybercriminals and keeps your business secure and productive. Ensure that only trusted applications run on devices, servers, and desktops. As users demand more flexibility to use applications in their social and cloud-enabled business world, Trellix Application Control gives organizations options to maximize their whitelisting strategy for threat prevention. For unknown applications, Trellix Application Control provides IT with multiple ways to enable users to install new applications: User Notifications and user self-approvals. Prevents zero-day and APT attacks by blocking the execution of unauthorized applications. Use inventory search and pre-defined reports to quickly find and fix vulnerabilities, compliance, and security issues in your environment. -
31
Identify privileged credentials and dependencies across the enterprise to streamline the implementation of privileged account management. Implement security controls that apply policies based on identity attributes to ensure the principle of “least privilege” is being applied. Track and record privileged activity to thwart breaches and support governance and compliance throughout the entire identity lifecycle. Support your Zero Trust strategy with a dynamic, scalable privileged access management solution that automatically adjusts access in real time. In a complex hybrid environment, uncovering every identity with elevated rights can be difficult or nearly impossible. NetIQ Privileged Account Manager enables you to identify which identities have elevated access across your entire environment and what dependencies exist, giving you the insight you need to better simplify, implement, and manage policies around privilege.
-
32
Netwrix Privilege Secure
Netwrix
Netwrix Privilege Secure is privileged access management software designed to protect systems by eliminating standing administrative privileges. It uses a zero standing privilege approach, granting access only when needed and removing it immediately after use. The platform helps reduce the risk of cyberattacks by limiting unnecessary access and preventing lateral movement across systems. It includes features such as just-in-time access, session monitoring, and detailed auditing to track privileged activity. Netwrix Privilege Secure also supports secure remote access with browser-based connections and multi-factor authentication. The solution can discover hidden privileged accounts and reduce privilege sprawl across environments. It provides granular control over permissions to ensure users only receive access required for specific tasks. By combining automation and security, it helps organizations strengthen access control and improve compliance. -
33
Delinea Cloud Suite
Delinea
Simplify user authentication to servers from any directory service, including Active Directory, LDAP, and cloud directories such as Okta. Enforce the principle of least privilege with just-in-time and just enough privilege to minimize the risk of a security breach. Identify abuse of privilege, thwart attacks, and quickly prove regulatory compliance with a detailed audit trail and video recordings. Delinea’s cloud-based SaaS solution applies zero-trust principles to stop privileged access abuse and reduce security risks. Experience elastic scalability and performance, supporting multi-VPCs, multi-cloud, and multi-directory use cases. Single enterprise identity to securely log in anywhere. A flexible, just-in-time model with privilege elevation. Centrally manage security policies for users, machines, and applications. Apply MFA policies consistently across all your regulated and business-critical systems. Watch privileged sessions in real-time and instantly terminate suspicious sessions. -
34
Centralize your multi-vendor infrastructure into a single security domain. Core Privileged Access Manager (BoKS) transforms your multi-vendor Linux and UNIX server environment into one centrally managed security domain. BoKS simplifies your organization’s ability to enforce security policies, and control access to critical systems and information. With full control over accounts, access and privilege, IT and security teams can proactively prevent internal and external attacks on critical systems before they start. Centralize management of user profiles and accounts for simplified administration and scalability. Secure your systems by managing user privileges and access to sensitive data—without slowing down productivity. Give users only the access they need and ensure that least privileged access is enforced across your hybrid environment.
-
35
Privileged Access Management
imprivata
Secure your most sensitive accounts in minutes with Imprivata Privileged Access Management. Privileged accounts, those with the highest level of access, pose a greater security risk than the average end user because of the degree of sensitive information that could be exposed. This risk isn’t lost on hackers, which is why 80% of security breaches involve compromised privileged credentials. Legacy PAM solutions are complex and resource-intensive, often requiring costly engagements with outside consultants. Imprivata Privileged Access Management combines all the features of a traditional enterprise-grade solution but with zero clients and server footprint. Incorporate the principle of least privilege by providing just enough access to complete a task through granular policy control at the system level. Get going in just minutes with a completely agentless architecture that helps you meet wide-ranging compliance requirements quickly.Starting Price: $25 per month -
36
Devolutions PAM
Devolutions
Devolutions Privileged Access Manager (PAM) discovers privileged accounts, automates password rotation, approves check-outs, enforces just-in-time (JIT) privilege elevation, and records every session—giving small and midsize businesses (SMBs) enterprise-grade control without enterprise-grade hassle. Bundle PAM with the Privileged Access Management package and it slots straight into Devolutions Hub delivered as SaaS (Software-as-a-Service) or a self-hosted on-premises (on-prem) Devolutions Server, while Remote Desktop Manager provides one-click launches and Gateway supplies secure tunnels. One integrated stack takes you from standing privileges to true zero-standing-privilege—all under a single pane of glass, complete with granular RBAC (Role-Based Access Control) and tamper-proof audit logs.Starting Price: $50/month/user -
37
Zentry
Zentry Security
Least privileged application access with consistent security for any user, anywhere. Transient authentication provides granular, least-privileged access to mission-critical infrastructure. Zentry Trusted Access provides clientless, browser-based, streamlined zero-trust application access for small to medium-sized enterprises. Organizations see gains in security posture and compliance, a reduced attack surface, and greater visibility into users and applications. Zentry Trusted Access is a cloud-native solution that is simple to configure, and even simpler to use. Employees, contractors, and third parties just need an HTML5 browser to securely connect to applications in the cloud and data center, no clients are needed. Leveraging zero trust technologies like multi-factor authentication and single sign-on, only validated users obtain access to applications and resources. All sessions are encrypted end-to-end with TLS, and each is governed by granular policies. -
38
Symantec PAM
Broadcom
Privileged accounts provide elevated and unrestricted access to users and systems and are necessary to perform key activities. Privileged accounts provide elevated and unrestricted access to users and systems and are necessary to perform key activities. Unfortunately, they are also one of the most common attack vectors because, when compromised, they enable hackers to access critical systems, steal sensitive data, and deploy malicious code. Today’s privileged access management technologies must not only enable you to create and enforce controls over users and systems that have elevated or “privileged” entitlements, but with the explosion of virtualized and cloud environments, the attack surface and number and types of privileged accounts have increased exponentially. -
39
Ivanti Neurons for Zero Trust Access empowers organizations with a continuous verification model and least-privilege connectivity, dynamically assessing user identities, device posture, and application sensitivity to enforce granular, context-aware access controls. It continuously evaluates and scores device risk based on running processes and applications, automatically quarantines unpatched or high-risk endpoints, and applies real-time, context-sensitive policies that grant users only the resources they need. A unified client streamlines VPN, software-gateway, and ZTNA management in a single pane, enabling seamless onboarding of employees, contractors, and partners with frictionless access anywhere. Actionable insights include step-up authentication, automated remediation, and comprehensive app-usage tracking, while intelligent risk ratings prioritize potential threats.
-
40
Delinea Cloud Access Controller
Delinea
Gain granular control over web applications and web-based cloud management platforms. Delinea's Cloud Access Controller provides a comprehensive PAM solution that operates at cloud speed and is quick to deploy and secure access to any web application. With Cloud Access Controller, you can easily integrate your existing authentication solutions with any web application without having to write any additional code. Apply granular RBAC policies that enforce least privilege and zero trust initiatives, even to custom and legacy web applications. Specify what an individual employee is allowed to read or modify within any web application. Grant, manage and revoke access to cloud applications. Specify who gets access to what, at a granular level. Track usage of each and every cloud application. Clientless session recording without agents. Secure access to all web applications, including social media, custom, and legacy web applications. -
41
WatchGuard Application Control
WatchGuard Technologies
Allow, block, or restrict access to applications based on a user’s department, job function, and time of day. It’s never been easier to decide who, what, when, where, why and how applications are used on your network. WatchGuard Application Control is part of the WatchGuard Basic Security Suite. The Basic Security Suite includes all the traditional network security services typical to a UTM appliance: Intrusion Prevention Service, Gateway AntiVirus, URL filtering, application control, spam blocking and reputation lookup. It also includes our centralized management and network visibility capabilities, as well as our standard 24x7 support. -
42
CyberArk Secure Cloud Access
CyberArk
CyberArk Secure Cloud Access protects cloud identities by managing access securely across multi-cloud environments without compromising user experience. It centralizes control with granular access policies and just-in-time privilege granting, helping reduce risk while maintaining productivity. Designed to integrate seamlessly with existing workflows, it ensures secure and efficient cloud access for developers, engineers, and administrators. -
43
Vault One
VaultOne Software
Have total control and visibility over who accesses your data, systems, applications, infrastructure and any other assets, preventing cyber attacks and data breaches. With VaultOne, protect your company’s resources and achieve compliance. VaultOne is redesigning the concept of privileged access management (PAM). Manage user access, credentials and sessions in a fast, secure and automated way. In a single and powerful solution, we offer multiple features, such as digital vault, password generator, sessions recording, auditing and reporting, customizable policies, disaster recovery and multi-factor authentication. If you’re looking for a solution to protect shared accounts, certificates and user access to applications, websites, servers, databases, cloud services and infrastructure, you’ve just found it. By creating customized access policies and managing users and privileges, you fight cyber attacks and avoid data breaches.4Starting Price: $99 per month -
44
ManageEngine Access Manager Plus
ManageEngine
Secure remote access for privileged sessions. Centralize, secure, and manage remote connections that provide privileged access to critical business systems. An exclusive privileged session management solution for enterprises. For businesses to be productive, it's important to enable privileged access to critical systems to the right employees, regardless of their location and the time of day they require access. But providing remote privileged users with such access presents huge security and privacy challenges, and legacy solutions like VPNs are often inflexible and simply don't cut it anymore. What modern enterprises need is a solution that enables direct access to every component in the infrastructure spread across the public and private clouds, while ensuring granular access controls, monitoring and recording all actions, and providing real-time control over every privileged session. ManageEngine Access Manager Plus is a web-based privileged session management softwareStarting Price: $495 per year -
45
You trust your privileged users with elevated access to critical systems, data, and functions. However, their advanced entitlements need to be vetted, monitored, and analyzed to protect your resources from cybersecurity threats and credential abuse. Research has found as much as 40% of insider cyberattacks involved privileged users. IBM Verify Privilege products, powered by Delinea, enable zero trust strategies to help minimize risk to the enterprise. Discover, control, manage, and protect privileged accounts across endpoints and hybrid multi-cloud environments. Discover unknown accounts. Reset passwords automatically. Monitor anomalous activity. Manage, protect, and audit privileged accounts across their lifecycles. Identify devices, servers, and other endpoints with administrative privileges to enforce least-privilege security, control application rights, and reduce impact on support teams.
-
46
Devolutions Server
Devolutions
Devolutions Server (DVLS) is a self-hosted solution designed to streamline account and credential management across your organization. Without centralized control, teams often struggle with unsecured credentials, unauthorized access, and inconsistent security practices. DVLS addresses these issues by offering a secure, shared account and credential management platform with the ability to enforce access policies, manage user roles, and provide detailed auditing. DVLS also includes optional privileged access components for organizations that require more granular control over sensitive accounts. Fully integrated with Remote Desktop Manager, it offers a seamless way to manage credentials and remote sessions, ensuring that all access is secure and well-governed. Whether you’re a small team or a large enterprise, Devolutions Server simplifies credential management and improves security.Starting Price: $3/month/user -
47
App-Ray
App-Ray
Despite all the investments businesses are making in security tools, attackers are still managing to slip through IT defenses. Elevated security measurements to prevent elevated access to sensitive data and resources became a must. With advanced Privileged Access Management (PAM) and log management solutions, you can secure your privileged accounts and keep your business safe. Our recommended solution protects organizations in real-time from threats posed by the misuse of high-risk and privileged accounts. Organizations may prevent, detect, and respond to cyber attacks, including both insider threats and external attacks using hijacked credentials - without adding additional constraints to working practices. -
48
Bravura Privilege
Bravura Security
Bravura Privilege secures access to elevated privileges. It eliminates shared and static passwords to privileged accounts. It enforces strong authentication and reliable authorization prior to granting access. User access is logged, creating strong accountability. Bravura Privilege secures access at scale, supporting over a million password changes daily and access by thousands of authorized users. It is designed for reliability, to ensure continuous access to shared accounts and security groups, even in the event of a site-wide disaster. Bravura Privilege grants access to authorized users, applications and services. It can integrate with every client, server, hypervisor, guest OS, database and application, on-premises or in the cloud. Discovers and classifies privileged accounts and security groups. Randomizes passwords and stores them in an encrypted, replicated vault. -
49
Iraje Privileged Access Manager
Iraje Software
Privileged accounts exist everywhere. There are many types of privileged accounts and they can exist on-premises and in the cloud. They differ from other accounts as they have rights for read, write, alter, and modify. Privileged Access Management (PAM) refers to systems that secure, control, manage and monitor the accounts of users who have elevated permissions to critical, corporate assets. Anyone inside an organization with superuser privileges has the potential to crash your enterprise systems, destroy data, delete or create accounts and change passwords and cause havoc, either through carelessness, incompetence or perhaps through malicious intent. The trouble is that accounts with superuser privileges, Including shared accounts, are necessary. One cannot run enterprise IT systems without granting some people the privileges to do system-level tasks. -
50
Ionic Machina
Ionic
Data security is managed in silos, but sensitive data traverses multiple applications, environments, data stores, and devices. This makes it challenging to scale data security and implement consistent access controls. Machina is your agile and dynamic authorization solution that easily handles modern challenges. Manage your shared responsibility to secure data at rest and in transit in the cloud and on-prem. Track how data is handled and accessed; audit how policies are enforced across your organization. Deliver context-aware dynamic authorization for each access request to maintain least privilege. Abstract access logic from app code to orchestrate policy enforcement across multiple environments. Implement and enforce consistent access policies in real-time across applications, repositories, workloads, and services. Monitor and analyze data handling and policy enforcement across your enterprise, and generate audit-ready proof of compliance.
