Alternatives to WALLIX Bastion
Compare WALLIX Bastion alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to WALLIX Bastion in 2026. Compare features, ratings, user reviews, pricing, and more from WALLIX Bastion competitors and alternatives in order to make an informed decision for your business.
-
1
1Password
1Password
1Password is a secure, scalable, and easy-to-use password manager that's trusted by the world's leading companies. Using 1Password makes it easy for your employees to stay safe online. Once 1Password is part of their workflow, good security habits will become second nature. 1Password Advanced Protection is now available with 1Password Business. Set Master Password policies, enforce two-factor authentication team-wide, restrict access with firewall rules, review sign-in attempts and require your team to use the latest version of 1Password. Our award-winning apps are available for Mac, iOS, Linux, Windows, and Android. 1Password syncs seamlessly across devices, so your employees always have access to their passwords. When everyone uses 1Password, your risk goes down — and your productivity goes up. -
2
Passwork
Passwork
Passwork is an on-premise corporate password manager built for security-conscious organizations. Developed and headquartered in Europe (Barcelona, Spain), Passwork meets GDPR, NIS2, ENS and other European regulatory requirements by design. All passwords and credentials are stored exclusively on your own server. Double-layer AES-256 encryption (server-side and client-side) with zero-knowledge architecture means your data stays within your infrastructure, fully under the control of your system administrators. Passwork is ISO/IEC 27001 certified. Your data never leaves your infrastructure. Trusted by enterprises for secure password sharing, privileged access management, & centralized credential governance. -
3
Keeper Security
Keeper Security
Keeper Security is transforming the way people and organizations around the world secure their passwords and passkeys, secrets and confidential information. Keeper’s easy-to-use cybersecurity platform is built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Keeper’s solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by millions of individuals and thousands of organizations globally, Keeper is the leader for best-in-class password and passkey management, secrets management, privileged access, secure remote access and encrypted messaging. Protect what matters at KeeperSecurity.com. -
4
Securden Password Vault for Enterprises
Securden, Inc
Securden Password Vault for Enterprises is a scalable, enterprise-grade credential management solution available in both cloud (SaaS) and on-premise deployments. It centralizes the storage of passwords, SSH keys, DevOps secrets, files, and other sensitive data in an AES-256 encrypted vault, helping organizations enforce strong security controls and defend against insider and external threats. The solution enables secure credential storage, granular access controls, automated password rotation, and just-in-time access while providing full visibility through audit logs, session recordings, and real-time alerts. IT teams can launch secure remote connections such as RDP, SSH, and SQL directly from the vault without exposing credentials. Trusted by enterprises worldwide, Securden helps organizations strengthen security posture, streamline credential governance, improve operational efficiency, and meet compliance requirements across industries. -
5
Securden Unified PAM
Securden
Securden Unified PAM is a privileged access security solution that lets you discover, centrally store, organize, share, manage, and keep track of all privileged identities, passwords, keys, documents, and other identities. It helps you establish a centralized password management system, automate management with approval workflows, control ‘who’ can access ‘what’, monitor, and record all access to critical IT assets, and enforce password security best practices. The major modules of Securden Unified PAM are password management, privileged account management, secure remote access, application control, endpoint privilege management, privileged session management, and SSH key management. The platform supports compliance with NIS2, DORA, NIST, PCI-DSS, HIPAA, and ISO-IEC 27001. Installation typically takes only a few minutes, and a complete production-ready PAM can be achieved in less than a month with Securden Unified PAM. -
6
Uniqkey
Uniqkey
Uniqkey: Protect every login. Access with confidence. Uniqkey is Europe’s trusted password and access management platform - purpose-built for companies that demand security, simplicity, and control. Engineered by European cybersecurity experts, our platform combines military-grade encryption with an effortless user experience. We remove complexity from everyday workflows, helping employees stay secure without slowing them down. From auto-filling 2FA codes to streamlining access across your cloud environment, Uniqkey keeps security frictionless and productivity high. With real-time visibility across your entire infrastructure, IT teams gain complete control over access rights, employee activity, and security scores - empowering them to defend against threats and drive compliance with confidence proactively. Seamlessly integrated with Microsoft and other core systems, Uniqkey makes provisioning and offboarding fast, automated, and secure. -
7
Reemo
Reemo
Reemo is a cybersecurity platform that secures all remote access to corporate resources, without any compromise on performance. From remote desktops (Remote Desktop + Remote Support) to virtualized environments (DaaS/VDI), web and business applications (RBI, third-party access, legacy apps), and even the most sensitive environments (restricted distribution and Bastion)... Reemo provides unified, granular, and auditable access, and is ISO 27001 and SOC 2 certified across its entire scope of operations. -
8
Admin By Request
Admin By Request
With rapid provisioning of Just-In-Time privilege elevation across your entire workforce. On-board and manage workstations and servers via a user-friendly portal. To reveal risky users and assets through thread and behavioral analytics to identify malicious software and prevent data breaches and malware attacks. By elevating applications - not users. Delegate privileges based on the user or groups to save time and monetary resources. Whether a developer in the IT department, a tech newbie in HR, or a third-party consultant needing to service one of your endpoints, there's a method of elevation appropriate for every user. All features come out-of-the-box with Admin By Request and can be tailored to the needs of individual users or groups. -
9
BastionPass
BastionWare
BastionPass was built out of necessity to create an all-encompassing, collaborative platform that can be utilized by family or coworkers in a manner, which other password manager solutions do not offer. Since inception, our focus has been to provide single identity management and sharing capabilities with a simple interface, creating a safe and effective solution for password management among individuals or team members. BastionPass helps manage your passwords so you won't have to. Sign in once with your master password and our plugin will log you in everywhere else automatically. Easily create unique, complex passwords for all your logins and keep them locked securely in our proprietary, triple-encrypted vault. Conveniently access, manage, or share your passwords from desktop or mobile. BastionPass was designed from the ground up to keep up with your digital life needs.Starting Price: $1.59 per user per month -
10
Delinea Secret Server
Delinea
Protect your privileged accounts with our enterprise-grade Privileged Access Management (PAM) solution. Available both on-premise or in the cloud. Get up and running fast with solutions for privileged account discovery, turnkey installation and out-of-the-box auditing and reporting tools. Manage multiple databases, software applications, hypervisors, network devices, and security tools, even in large-scale, distributed environments. Create endless customizations with direct control to on-premise and cloud PAM. Work with professional services or use your own experts. Secure privileges for service, application, root, and administrator accounts across your enterprise. Store privileged credentials in an encrypted, centralized vault. Identify all service, application, administrator, and root accounts to curb sprawl and gain a full view of your privileged access. Provision and deprovision, ensure password complexity and rotate credentials. -
11
BastionZero
BastionZero
Infrastructure teams must manage painful VPNs, homegrown bastion hosts, overprivileged certificate authorities, and long-lived credentials that present huge security risks. Infrastructure teams can easily configure, manage and secure fine-grained access controls to infrastructure targets in any cloud or on-prem environments. A single system for access all of your targets (servers, containers, clusters, databases, webservers) so you don’t have to manage an ever-growing set of systems. Provide zero-trust access to your targets by putting them behind your SSO and adding an independent MFA. Stop managing passwords. Use policy to control which users can log into which target under which role or user account. Capture the specific commands that a user ran on a target under a role or account via BastionZero’s access logs, command logs and session recordings.Starting Price: $300 per month -
12
Segura
Segura
Segura® (formerly senhasegura) is a cybersecurity company focused on Privileged Access Management (PAM). Its platform helps organizations secure and manage privileged identities, credentials, and secrets across hybrid and cloud environments. Segura supports use cases such as credential vaulting, session monitoring, privilege elevation, and secrets management for DevOps. Designed to simplify complex identity security challenges, Segura provides IT teams with visibility, control, and tools to reduce risk and support compliance. The company operates globally through a network of partners and serves customers across key sectors, including finance, healthcare, government, telecom, and critical infrastructure. -
13
Bastion
Bastion
Launch never-before-seen web3 experiences that exceed your users' expectations. Deliver cost-efficient transactions at web2 speeds and unlock new areas of growth. Discover more about your users with holistic analytics combining on-chain and off-chain activity. Bastion's white-label custodial wallets integrate seamlessly and securely with your current workflows, enhancing user experiences, and enabling advanced functionality such as subscriptions, loyalty programs, and immersive gaming experiences. Bastion’s system intelligently determines when to leverage the blockchain and when not to, ensuring rapid, cost-effective interactions without compromising your user experience. Bastion captures comprehensive data from both on-chain and off-chain activities, providing your enterprise with actionable recommendations and a holistic view of your users. -
14
Topicus KeyHub
Topicus
Topicus KeyHub offers Privileged Access Management for people. Gain easy and secure access to containers, sensitive data and production environments with privileged access management. KeyHub provides just-in-time access and enforces least privilege principles. -
15
Bravura Safe
Bravura Security
Bravura Safe is a zero-knowledge secret and passwords manager that centrally, consistently, and securely manages decentralized passwords, and secrets so your employees don't have to. It complements core password management solutions that organizations already use. Bravura Safe leverages two decades of Bravura Security’s enterprise cybersecurity solutions. Employees can securely send time-bound passwords for new accounts, encryption keys for files, or entire files without them being leaked or intercepted, and with only one password to their Bravura Safe to remember. The recent rising threat of organizational insiders being paid to help in cyberattacks combined with notoriously bad secret and password hygiene at an individual level is a cause for cybersecurity leaders to be concerned. While IT teams have focused on implementing strong SSO, password management, identity and even privileged access management solutions, the work-from-home world has caused shadow IT to explode. -
16
Azure Bastion
Microsoft
Managed RDP/SSH to VMs over SSL using private IP on the VM Azure Bastion is a fully managed PaaS service that provides secure and seamless RDP and SSH access to your virtual machines directly through the Azure Portal. Azure Bastion is provisioned directly in your Virtual Network (VNet) and supports all VMs in your Virtual Network (VNet) using SSL without any exposure through public IP addresses. Connect your RDP and SSH sessions directly in the Azure Portal using a single click experience Log into your Azure virtual machines and avoid public Internet exposure using SSH and RDP with private IP addresses only Integrate and traverse existing firewalls and security perimeter using a modern HTML5 based web client and standard SSL ports Use your SSH keys for authentication when logging into your Azure virtual machines -
17
Secure and Protect Privileged Accounts, Sessions and Credentials. Everywhere! RevBits Privileged Access Management is a six-in-one solution that includes privileged access, privileged session, password, service accounts, key and certificate management, as well as extensive session logging that captures keystrokes and video. RevBits Privileged Access Management native clients are available for common operating systems. As an organization’s need for comprehensive access management grows, the expansion of onboarding vendors will also increase. RevBits Privileged Access Management is built to provide comprehensive access management while reducing the growth in vendor onboarding. With five integrated access management modules in one solution, organizations are in control. Product Features:- Hardware Tokens Comprehensive Platform Coverage Customizable Password Management Extensive Audit Logs Access Granting Workflow Ephemeral Passwords Complete Key Management SSL Scanner
-
18
CyberArk Conjur
CyberArk
A seamless open source interface to securely authenticate, control and audit non-human access across tools, applications, containers and cloud environments via robust secrets management. Secrets grant access to applications, tools, critical infrastructure and other sensitive data. Conjur secures this access by tightly controlling secrets with granular Role-Based Access Control (RBAC). When an application requests access to a resource, Conjur authenticates the application, performs an authorization check against the security policy and then securely distributes the secret. Security policy as code is the foundation of Conjur. Security rules are written in .yml files, checked into source control, and loaded onto the Conjur server. Security policy is treated like any other source control asset, adding transparency and collaboration to the organization’s security requirements. -
19
Vault One
VaultOne Software
Have total control and visibility over who accesses your data, systems, applications, infrastructure and any other assets, preventing cyber attacks and data breaches. With VaultOne, protect your company’s resources and achieve compliance. VaultOne is redesigning the concept of privileged access management (PAM). Manage user access, credentials and sessions in a fast, secure and automated way. In a single and powerful solution, we offer multiple features, such as digital vault, password generator, sessions recording, auditing and reporting, customizable policies, disaster recovery and multi-factor authentication. If you’re looking for a solution to protect shared accounts, certificates and user access to applications, websites, servers, databases, cloud services and infrastructure, you’ve just found it. By creating customized access policies and managing users and privileges, you fight cyber attacks and avoid data breaches.4Starting Price: $99 per month -
20
HashiCorp Boundary
HashiCorp
Access any system from anywhere based on user identity. Traditional approaches like SSH bastion hosts or VPNs require distributing and managing credentials, configuring network controls like firewalls, and exposing the private network. Boundary provides a secure way to access hosts and critical systems without having to manage credentials or expose your network, and is entirely open source. Authenticate with any trusted identity provider you are already using. No need to distribute new credentials and manage them. Authorize access based on logical roles and services, instead of physical IP addresses. Manage dynamic infrastructure and integrate service registries so hosts and service catalogs are kept up-to-date. Automate credential injection to securely access services and hosts with HashiCorp Vault. Reduce risk of leaking credentials with dynamic secrets and just-in-time credentials. -
21
AWS Secrets Manager
Amazon
AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Users and applications retrieve secrets with a call to Secrets Manager APIs, eliminating the need to hardcode sensitive information in plain text. Secrets Manager offers secret rotation with built-in integration for Amazon RDS, Amazon Redshift, and Amazon DocumentDB. Also, the service is extensible to other types of secrets, including API keys and OAuth tokens. In addition, Secrets Manager enables you to control access to secrets using fine-grained permissions and audit secret rotation centrally for resources in the AWS Cloud, third-party services, and on-premises. AWS Secrets Manager helps you meet your security and compliance requirements by enabling you to rotate secrets safely without the need for code deployments.Starting Price: $0.40 per month -
22
Ezeelogin
Ezeelogin
Setup a self-hosted Jump server (also called “Bastion Host” or “Jump host”) quickly to manage SSH access to your Linux servers, Routers, Switches, and Cloud instances. Our jump box software has features like 2-factor authentication, SAML Authentication, SSH session recording, Identity and Access Management (IAM), RBAC, Privileged Access Management (PAM), SSH key rotation, and root password management, and much more. It would help you meet security compliances such as PCI, NIST, ISO 27001, and more, to know more visit us. Many companies, including fortune 500 companies are using Ezeelogin SSH Jump Server to meet various security compliances such as PCI DSS 3.2, ISO 27001, GDPR, HIPAA, FFIEC, NIST, FedRamp, SOC, SOX, and much more while accessing Linux servers, Routers, Switches, Cloud instances & containers they manage over ssh. Save millions of dollars annually managing and administering your server infrastructure and cloud instances. Moreover, security is priceless.Starting Price: $1.99 per month -
23
BrandBastion
BrandBastion
BrandBastion takes action to help you listen and respond better on social media. Whether it’s more sales or brand equity, the key to success is understanding what your audience cares about, and taking the right actions, at the right time. Harmful comments, from spam to discrimination and brand attacks, are removed according to your custom brand moderation guidelines. Alerts are sent when something needs urgent attention, such as when negative sentiment spikes or there’s a report of an unusual event. BrandBastion’s social media engagement analysis allows you to audit your current ads or organic posts to discover: Harmful comments and threats you are receiving, from spam to discrimination, brand attacks, and competitor promotions. Opportunities to engage with questions, complaints, and reviews. Potentially urgent situations, from technical issues to negative sentiment due to poor perception. Tips and recommendations for optimization. -
24
BeyondTrust Pathfinder
BeyondTrust
BeyondTrust Pathfinder offers a comprehensive identity-centric security platform designed to protect enterprises from privilege-based attacks by delivering visibility, control, and governance across human and non-human identities, credentials, and access paths. At the core is the Pathfinder Platform, which dynamically maps paths to privilege across endpoints, servers, clouds, IdPs, SaaS, and databases, exposing hidden over-privileged accounts, orphaned identities, and attack vectors. Other key components include Identity Security Insights for unified detection and risk-based prioritization of identity threats, Password Safe to discover, vault, manage and audit privileged credentials and session activity, Privileged Remote Access for secure, rule-based access with full session monitoring, Entitle for automating cloud permissions and just-in-time access, Endpoint Privilege Management for enforcing least-privilege on endpoints with application control and file-integrity monitoring. -
25
WALLIX One Remote Access
WALLIX
WALLIX One Remote Access is a SaaS solution that secures, centralizes, and manages external remote access to corporate IT and OT infrastructure, enabling organizations to allow remote vendors, service providers, or external users to access critical assets without compromising security. It eliminates the need for VPNs or shared passwords by establishing outbound-only, encrypted tunnels from within the corporate perimeter (via a Bastion) to the remote access service, so internal systems remain hidden and aren’t exposed to inbound traffic. It enforces multi-factor authentication (MFA) on every remote access and supports just-in-time access provisioning, meaning external users receive elevated access only when needed and only for the duration required. External users are kept segregated from the corporate directory (no need to add them to the main AD), preserving directory hygiene and minimizing risk. -
26
Hyperport
Hyperport
The Hyperport is a unified secure-user-access solution that merges Zero-Trust Network Access (ZTNA), Privileged Access Management (PAM), and Secure Remote Access (SRA) into one flexible architecture, allowing internal staff, remote employees, vendors and third-party partners to connect in seconds without compromising security. It enforces least-privilege access across an organisation’s entire infrastructure, from Windows and web applications to industrial control systems, via just-in-time authorization, multi-factor authentication at every security zone, real-time monitoring, session recording, and dynamic entitlement management. The platform is built for hybrid, cloud and on-premises deployments with multi-site support, enabling centralised management across IT, OT, ICS and CPS environments; it features browser-based portals (Web, RDP, SSH, VNC), encrypted file transfers, immutable audit logs, micro-segmentation and policy enforcement to reduce the attack surface. -
27
Devolutions Server
Devolutions
Devolutions Server (DVLS) is a self-hosted solution designed to streamline account and credential management across your organization. Without centralized control, teams often struggle with unsecured credentials, unauthorized access, and inconsistent security practices. DVLS addresses these issues by offering a secure, shared account and credential management platform with the ability to enforce access policies, manage user roles, and provide detailed auditing. DVLS also includes optional privileged access components for organizations that require more granular control over sensitive accounts. Fully integrated with Remote Desktop Manager, it offers a seamless way to manage credentials and remote sessions, ensuring that all access is secure and well-governed. Whether you’re a small team or a large enterprise, Devolutions Server simplifies credential management and improves security.Starting Price: $3/month/user -
28
Strongbox
Strongbox
Strongbox provides best in class secure password management helping you keep your data secret. Protecting you from digital attacks by using recognized best practices, military grade cryptography, and industry standard formats. Strongbox not only secures your data but provides a beautiful native experience on iPhones, iPad’s and Macs. The ultimate KeePass iOS password manager. Strongbox is a native App on both iOS and MacOS platforms. This means it looks and feels just like an App should. Designed with Apple’s human interface guidelines in mind and using standard UI paradigms, controls, colours and integrations, Strongbox just feels native. AutoFill integration means you never have to leave Safari or your other Apps to fill in a password, just tap the Strongbox suggestion above your keyboard, authenticate and you’re done. Use Face ID to automatically unlock your database, being secure has never been so convenient.Starting Price: $2.49 per month -
29
Delinea Cloud Suite
Delinea
Simplify user authentication to servers from any directory service, including Active Directory, LDAP, and cloud directories such as Okta. Enforce the principle of least privilege with just-in-time and just enough privilege to minimize the risk of a security breach. Identify abuse of privilege, thwart attacks, and quickly prove regulatory compliance with a detailed audit trail and video recordings. Delinea’s cloud-based SaaS solution applies zero-trust principles to stop privileged access abuse and reduce security risks. Experience elastic scalability and performance, supporting multi-VPCs, multi-cloud, and multi-directory use cases. Single enterprise identity to securely log in anywhere. A flexible, just-in-time model with privilege elevation. Centrally manage security policies for users, machines, and applications. Apply MFA policies consistently across all your regulated and business-critical systems. Watch privileged sessions in real-time and instantly terminate suspicious sessions. -
30
Netwrix Privilege Secure
Netwrix
Netwrix Privilege Secure is a comprehensive Privileged Access Management (PAM) solution designed to enhance security by eliminating standing privileged accounts and implementing just-in-time access. Creating ephemeral identities that grant the necessary access only when required, reduces the attack surface and prevents lateral movement within the network. The platform offers features such as session monitoring, recording of privileged activities for audit and forensic purposes, and integration with existing vaults through its Bring Your Own Vault (BYOV) connectors. Additionally, it supports multi-factor authentication to validate user identities in line with zero trust principles. Netwrix Privilege Secure is designed for quick deployment, with initial setup achievable in less than 20 minutes and full deployment within a day. It also provides session management tools for monitoring and recording privileged activities, enhancing audit and forensic capabilities. -
31
Only Netwrix Privilege Secure for Discovery removes your biggest undiscovered security risk by providing Just-Enough access, Just-in-Time, eliminating standing privilege with continuous scanning and agentless, faultless simplicity, unlike legacy privileged access management (PAM) solutions that leave unprotected attack surfaces and are difficult to deploy. Netwrix Privilege Secure for Discovery ensures privileged access is precisely allocated and continuously inventoried by granting privileged access on a Just-in-Time, Just-Enough basis using two-factor authentication. Netwrix Privilege Secure for Discovery was purpose-built to address this problem, using an identity-enabled response, and be a force multiplier to security programs worldwide. The founding team especially had in mind those looking to secure and enable access to global, distributed and always scaling infrastructure. Netwrix Privilege Secure for Discovery was purpose-built to address this problem and be a force multiplier.
-
32
Netwrix Privilege Secure for Access Management enables secure, task-based administrative access delivered just-in-time and with just-enough privilege. Reduce opportunity for lateral movement attacks through privileged account reduction. With Netwrix Privilege Secure for Access Management, organizations are empowered to reduce their risk footprint through a task-based approach to Privileged Access Management. Netwrix Privilege Secure for Access Management provides Administrators the exact level of privileges needed, exactly when they’re needed, for only as long as they’re needed, and returns the environment to a no-access-by-default state, immediately upon completion. Kill standing privilege by eliminating standing privilege. Instead, create temporary accounts with just enough access to perform the task at hand and remove them when the job is complete.
-
33
Knox
Pinterest
Knox is a secret management service. Knox is a service for storing and rotation of secrets, keys, and passwords used by other services. Pinterest has a plethora of keys or secrets doing things like signing cookies, encrypting data, protecting our network via TLS, accessing our AWS machines, communicating with our third parties, and many more. If these keys become compromised, rotating (or changing our keys) used to be a difficult process generally involving a deploy and likely a code change. Keys/secrets within Pinterest were stored in git repositories. This means they were copied all over our company's infrastructure and present on many of our employees laptops. There was no way to audit who accessed or who has access to the keys. Knox was built to solve these problems. Ease of use for developers to access/use confidential secrets, keys, and credentials. Confidentiality for secrets, keys, and credentials. Provide mechanisms for key rotation in case of compromise. -
34
PrivX
SSH Communications Security
PrivX is a scalable, cost-efficient, and highly automated privileged access management (PAM) solution for hybrid and multi-cloud environments, quantum-safe connections and any combination of password vaulting, rotation, and passwordless authentication. PrivX makes PAM easy, productive, and secure while decreasing complexity and costs. PrivX reduces the risk of passwords, keys, and other leave-behind credentials by eliminating them right after access authentication. Instead, it uses short-lived, ephemeral certificates. Your privileged users and superusers get just-in-time, role-based Zero Trust access without the need to handle, vault, manage or rotate any secrets. PrivX also supports hybrid environments with a secrets vault and password rotation when necessary. It even allows you to make quantum-safe SSH connections. -
35
Confidant
Confidant
Confidant is a open source secret management service that provides user-friendly storage and access to secrets in a secure way, from the developers at Lyft. Confidant solves the authentication chicken and egg problem by using AWS KMS and IAM to allow IAM roles to generate secure authentication tokens that can be verified by Confidant. Confidant also manages KMS grants for your IAM roles, which allows the IAM roles to generate tokens that can be used for service-to-service authentication, or to pass encrypted messages between services. Confidant stores secrets in an append-only way in DynamoDB, generating a unique KMS data key for every revision of every secret, using Fernet symmetric authenticated cryptography. Confidant provides an AngularJS web interface that allows end-users to easily manage secrets, the mappings of secrets to services and the history of changes. -
36
Devolutions PAM
Devolutions
Devolutions Privileged Access Manager (PAM) discovers privileged accounts, automates password rotation, approves check-outs, enforces just-in-time (JIT) privilege elevation, and records every session—giving small and midsize businesses (SMBs) enterprise-grade control without enterprise-grade hassle. Bundle PAM with the Privileged Access Management package and it slots straight into Devolutions Hub delivered as SaaS (Software-as-a-Service) or a self-hosted on-premises (on-prem) Devolutions Server, while Remote Desktop Manager provides one-click launches and Gateway supplies secure tunnels. One integrated stack takes you from standing privileges to true zero-standing-privilege—all under a single pane of glass, complete with granular RBAC (Role-Based Access Control) and tamper-proof audit logs.Starting Price: $50/month/user -
37
Keywhiz
Keywhiz
Keywhiz is a system for managing and distributing secrets. It can fit well with a service oriented architecture (SOA). Here is an overview in presentation format. Common practices include putting secrets in config files next to code or copying files to servers out-of-band. The former is likely to be leaked and the latter difficult to track. Keywhiz makes managing secrets easier and more secure. Keywhiz servers in a cluster centrally store secrets encrypted in a database. Clients use mutually authenticated TLS (mTLS) to retrieve secrets they have access to. Authenticated users administer Keywhiz via CLI. To enable workflows, Keywhiz has automation APIs over mTLS. Every organization has services or systems that require secrets. Secrets like TLS certificates/keys, GPG keys, API tokens, database credentials. Keywhiz is reliable and used in production, however occasional changes may break API backward compatibility. -
38
Delinea Server Suite
Delinea
Easily consolidate complex and disparate identities for Linux and Unix within Microsoft Active Directory. Minimize the risk of a breach and reduce lateral movement with a flexible, just-in-time privilege elevation model. Advanced session recording, auditing, and compliance reporting aid forensic analysis into abuse of privilege. Centralize discovery, management, and user administration for Linux and UNIX systems to enable rapid identity consolidation into Active Directory. Privileged Access Management best practices are easy to follow with the Server Suite. The results are higher levels of identity assurance and a significantly reduced attack surface with fewer identity silos, redundant identities, and local accounts. Manage privileged user and service accounts from Windows and Linux in Active Directory. Just-in-time, fine-grained access control with RBAC and our patented Zones technology. Complete audit trail for security review, corrective action, and compliance reporting. -
39
AWS Systems Manager
Amazon
AWS Systems Manager is a comprehensive solution that enables centralized visualization, management, and operation of nodes at scale across AWS, on-premises, and multi-cloud environments. It provides a unified console experience, consolidating various tools to facilitate common node tasks across AWS accounts and regions. With Systems Manager, you can automate routine operational tasks, reducing the time and effort required for system maintenance. It offers secure remote management of nodes without the need for bastion hosts, SSH, or remote PowerShell, simplifying operations and enhancing security. The platform also supports automated patching of operating systems and software, ensuring that your infrastructure remains up-to-date and compliant. Additionally, Systems Manager provides real-time insights into your node infrastructure, allowing for quick identification and resolution of issues. Its integration capabilities extend across hybrid and multi-cloud environments. -
40
SecureKi
SecureKi
Secure access for your business, customers, or employees with our unparalleled identity security backed by a zero–trust philosophy. When it comes to protecting your data, passwords are the weakest link. That is why multifactor authentication has become the identity and access management standard for preventing unauthorized access. Verify the identity of all users with SecureKi. Compromised access and credentials most often are the leading attack vectors of a security breach. Our comprehensive privileged access management is designed to manage and monitor privileged access to accounts and applications, alert system administrators on high-risk events, reduce operations complexity, and meet regulatory compliance with ease. Privilege escalation is at the core of most cyber-attacks and system vulnerabilities. -
41
Akeyless Identity Security Platform
Akeyless
Akeyless delivers identity security for an era shaped by automation and AI. The cloud-native platform secures machines, AI agents, and human access across hybrid, multi-cloud, and on-prem environments. It provides a practical path to secretless, identity-based access through secrets management, certificate lifecycle management and PKI, PAM, and unified governance. Akeyless is built on a cryptography foundation that combines encryption, key management, and Distributed Fragments Cryptography to keep sensitive material under customer control and protected from post-quantum threats. With integrations for cloud IAM, Kubernetes, CI/CD, and MCP-based AI agent workflows, teams can adopt and scale AI agents securely without expanding risk. Akeyless Jarvis™ delivers identity intelligence to surface risky access and strengthen oversight. -
42
1Password Extended Access Management (XAM) is a security solution designed to safeguard every login across applications and devices, making it ideal for hybrid work environments. It combines user identity verification, device trust assessments, enterprise password management, and application insights to ensure that only authorized users on secure devices can access both approved and unapproved applications. By providing IT and security teams with visibility into app usage, including shadow IT, XAM enables organizations to enforce contextual access policies based on real-time risk signals like device compliance and credential integrity. With its zero-trust approach, XAM helps businesses move beyond traditional identity management, strengthening security in today’s SaaS-driven workplace.
-
43
Bravura Privilege
Bravura Security
Bravura Privilege secures access to elevated privileges. It eliminates shared and static passwords to privileged accounts. It enforces strong authentication and reliable authorization prior to granting access. User access is logged, creating strong accountability. Bravura Privilege secures access at scale, supporting over a million password changes daily and access by thousands of authorized users. It is designed for reliability, to ensure continuous access to shared accounts and security groups, even in the event of a site-wide disaster. Bravura Privilege grants access to authorized users, applications and services. It can integrate with every client, server, hypervisor, guest OS, database and application, on-premises or in the cloud. Discovers and classifies privileged accounts and security groups. Randomizes passwords and stores them in an encrypted, replicated vault. -
44
Centralize your multi-vendor infrastructure into a single security domain. Core Privileged Access Manager (BoKS) transforms your multi-vendor Linux and UNIX server environment into one centrally managed security domain. BoKS simplifies your organization’s ability to enforce security policies, and control access to critical systems and information. With full control over accounts, access and privilege, IT and security teams can proactively prevent internal and external attacks on critical systems before they start. Centralize management of user profiles and accounts for simplified administration and scalability. Secure your systems by managing user privileges and access to sensitive data—without slowing down productivity. Give users only the access they need and ensure that least privileged access is enforced across your hybrid environment.
-
45
BeyondTrust Privileged Remote Access
BeyondTrust
Secure, manage, and audit vendor and internal remote privileged access without a VPN. Watch demo. Give legitimate users the access they need to be productive, while keeping attackers out. Give contractors and vendors privileged access to critical assets without giving them a VPN. Satisfy internal and external compliance requirements with comprehensive audit trails and session forensics. Guarantee adoption with a system that actually lets users do their jobs faster and easier than they do today. Prevent “privilege creep” and quickly enforce least privilege to protect your IT assets. Make least privilege productive and combat data breaches, without sacrificing security. Standardized, secure, and complete privileged session management solution that controls the access to and from any platform in any environment. Eliminate manual credential check-in and check-out. -
46
Kelltron IAM Suite
Kelltron
Kelltron’s IAM Suite is an AI-powered identity security platform that unifies Identity & Access Management (IAM), Privileged Access Management (PAM), and Data Governance (DGM) into one seamless solution. It enables secure user provisioning, Single Sign-On (SSO) to 4,000+ apps, adaptive Multi-Factor Authentication (MFA), and role-based access control. PAM features include just-in-time access, session monitoring, and credential vaulting to safeguard privileged accounts. The DGM module helps discover, classify, and enforce data access policies for compliance with GDPR, ISO 27001, and more. Designed for hybrid IT environments, Kelltron offers cloud, on-prem, and multi-tenant deployment. AI-driven automation reduces manual workload by flagging anomalies, suggesting least-privilege access, and generating real-time risk insights. With 24/7 support and a 6-month free trial, Kelltron empowers businesses and MSPs to scale securely with full visibility and control. -
47
Symantec PAM
Broadcom
Privileged accounts provide elevated and unrestricted access to users and systems and are necessary to perform key activities. Privileged accounts provide elevated and unrestricted access to users and systems and are necessary to perform key activities. Unfortunately, they are also one of the most common attack vectors because, when compromised, they enable hackers to access critical systems, steal sensitive data, and deploy malicious code. Today’s privileged access management technologies must not only enable you to create and enforce controls over users and systems that have elevated or “privileged” entitlements, but with the explosion of virtualized and cloud environments, the attack surface and number and types of privileged accounts have increased exponentially. -
48
Seamless service account governance from discovery and provisioning through decommissioning. Non-human privileged accounts access services, applications, data, and network resources. Most service accounts fly under the radar of IT, expanding your vulnerable attack surface. Automate service account governance to provide security teams with central oversight and control. Increase accountability, consistency, and oversight of service account management. Control risky service account sprawl by automating and streamlining service account management. Gain a complete picture of your privileged attack surface and address the risk associated with service account lifecycle management. Account Lifecycle Manager helps manage service account sprawl and empowers you to manage and control service accounts with workflows and automated provisioning, governance, compliance, and decommissioning capabilities. Cloud-native architecture for rapid deployment and elastic scalability.
-
49
PassCamp
PassCamp
PassCamp is a cloud-based password and access management solution that helps teams of all sizes to protect their sensitive information and collaborate efficiently. Since day one the tool has been developed to be the perfect password manager for teams that rely on efficient collaboration. PassCamp is easy to onboard and use for anyone, even non-technical people. The main focus of PassCamp is uncompromised security for your data, that is ensured by end-to-end encryption, two-factor authentication, zero-knowledge proof and other advanced security technologies. PassCamp's unique features like secure multi-tier sharing, history tracking, unlimited guests and super easy-to-use interface help thousands of teams all around the world manage their passwords in a way that improves both security and productivity in their day-to-day activities.Starting Price: €2.5 per user -
50
Passly
IDAgent
Growing numbers of remote workers, increased dependency on cloud applications, and explosive increases in cyber theft should require every organization of every size to consider Secure Identity & Access Management. With Passly™ from ID Agent (a Kaseya company), IT teams can easily, simply, and affordably enable the right people to have the right access to the right resources – all from the right devices and locations. Secure Password Management, Single Sign-On, Multi-Factor Authentication and more. In a time when the threat of cyberattack has never been greater, and with nearly 80% percent of all data breaches due to lost, weak or stolen passwords, it’s critical to select the right secure identity & access management platform. Passly provides the most comprehensive and cost-effective solution to enable security, compliance, and efficiency. Shared Password Vaults allow techs to manage and store passwords for business, personal or shared accounts. Centralized and easy to use.
