Best Privileged Access Management Software - Page 2
View:
Compare the Top Privileged Access Management Software as of October 2025 - Page 2
Sort By:
-
1
Password Sentry
Password Sentry
Password Sentry (PS) is a website password protection enterprise software application that monitors logins to detect and block password sharing. PS employs cutting edge technology to block dictionary and brute force attacks: stop hackers from guessing passwords. Password Sentry is NOT an IP counter application. Password Sentry counts unique logins using geographical metrics. PS analyzes logins using PS::GeoTracking technology. Each user is geographically profiled. Their exact location is derived from their IP address: City, Region, Country, and Coordinates (Latitude and Longitude). User logins are then mapped, and the distance between logins analyzed for any given user. If a login is mapped outside the acceptable radius threshold (measured in miles, and defined via Control Panel Preferences), the user is suspended. This algorithm ensures that false positives and false negatives are negligible.Starting Price: $99.95 one-time payment -
2
AWS Secrets Manager
Amazon
AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Users and applications retrieve secrets with a call to Secrets Manager APIs, eliminating the need to hardcode sensitive information in plain text. Secrets Manager offers secret rotation with built-in integration for Amazon RDS, Amazon Redshift, and Amazon DocumentDB. Also, the service is extensible to other types of secrets, including API keys and OAuth tokens. In addition, Secrets Manager enables you to control access to secrets using fine-grained permissions and audit secret rotation centrally for resources in the AWS Cloud, third-party services, and on-premises. AWS Secrets Manager helps you meet your security and compliance requirements by enabling you to rotate secrets safely without the need for code deployments.Starting Price: $0.40 per month -
3
Netwrix Strongpoint
Netwrix
Netwrix Strongpoint helps organizations build smart controls that automate the hardest parts of SOX compliance management and audit reporting, access reviews and segregation of duties, data security, and change management. Netwrix Strongpoint works with NetSuite and Salesforce. With tight controls to track and protect what’s in scope, Strongpoint customers are able to produce airtight audit reporting on demand, greatly reducing the cost and time of SOX compliance prep. See what’s safe to change and what requires additional review. Then, use highly sophisticated impact analysis tools to streamline the discovery process. Not subject to SOX? Netwrix Strongpoint’s award-winning data security, configuration management, and change management tools help businesses running complex business systems maintain transparency and harden their business-critical applications against security risks.Starting Price: $1000/month -
4
ManageEngine AD360
Zoho
AD360 is an integrated identity and access management (IAM) solution for managing user identities, governing access to resources, enforcing security, and ensuring compliance. From user provisioning, self-service password management, and Active Directory change monitoring, to single sign-on (SSO) for enterprise applications, AD360 helps you perform all your IAM tasks with a simple, easy-to-use interface. AD360 provides all these functionalities for Windows Active Directory, Exchange Servers, and Office 365. With AD360, you can just choose the modules you need and start addressing IAM challenges across on-premises, cloud, and hybrid environments from within a single console. Easily provision, modify, and deprovision accounts and mailboxes for multiple users at once across AD, Exchange servers, Office 365 services, and G Suite from a single console. Use customizable user creation templates and import data from CSV to bulk provision user accounts.Starting Price: $595.00 / year -
5
Alibaba Cloud Bastionhost
Alibaba Cloud
Bastionhost enables you to manage asset O&M permissions in a centralized manner, monitor all O&M operations, and reproduce O&M scenarios in real-time to facilitate identity authentication, access control, and operation audit. You can use Bastionhost to troubleshoot issues, such as difficulties in the management of various assets, unclear responsibilities and authorities, and difficulties in the backtracking of O&M events. Bastionhost provides a centralized portal to access server resources. Bastionhost provides a single sign-on to allow O&M personnel to manage and maintain all server assets, facilitating centralized asset management. Furthermore, Bastionhost supports password-free logon for asset O&M. It manages accounts and passwords in a centralized manner to simplify account management. Bastionhost supports fine-grained user permission assignments to allow different users to perform operations based on the permissions assigned to them.Starting Price: $1.65 per month -
6
BastionZero
BastionZero
Infrastructure teams must manage painful VPNs, homegrown bastion hosts, overprivileged certificate authorities, and long-lived credentials that present huge security risks. Infrastructure teams can easily configure, manage and secure fine-grained access controls to infrastructure targets in any cloud or on-prem environments. A single system for access all of your targets (servers, containers, clusters, databases, webservers) so you don’t have to manage an ever-growing set of systems. Provide zero-trust access to your targets by putting them behind your SSO and adding an independent MFA. Stop managing passwords. Use policy to control which users can log into which target under which role or user account. Capture the specific commands that a user ran on a target under a role or account via BastionZero’s access logs, command logs and session recordings.Starting Price: $300 per month -
7
Securden Unified PAM
Securden
Discover and consolidate all privileged account credentials into a centralized repository. Regulate access to all critical IT assets. Grant just-in-time access, and enforce least privilege on devices in the organization. • Enforce remote password resets on devices. • Manage Windows domain, service, local admin accounts & their dependencies. • Eliminate hardcoded-credentials from scripts and configuration files. • Automate password access for non-human identities with APIs. • Protect SSH keys, track usage & associate with UNIX devices. • Share accounts with granular access controls. • One-click remote access to assets without revealing passwords. • Grant Just-In-Time access to privileged accounts. • Shadow, Monitor & record live sessions. • Endpoint privilege management with application controls. • Integrate with AD, AzureAD for user provisioning. • Integrate with solutions for MFA, SIEM, ITSM & SSO. • Comply with regulations with audit trails & custom reports -
8
Fudo Security
Fudo Security
With Fudo, users can get access to Unix/Windows servers, applications, and devices quickly and easily. Users will not have to change their habits and can continue to use native clients like Unix Terminals, RDCMan, or Putty. They can also connect through the Fudo Web Client which only needs a web browser for access. Using the JIT feature, you can create access workflows that adhere to the zero-trust approach. Through the request management section, you can easily define and schedule when a specific resource is available to a certain user and control it accordingly. Fudo allows you to permanently monitor and record all the ongoing sessions for 10+ protocols, including SSH, RDP, VNC, and HTTPS. You can watch the session live or use the footage for post-mortem analysis. Both the server and end-user computers do not require any agents. Furthermore, Fudo offers the ability to join the session, sharing, pausing, and terminate, as well as great tools like OCR and tagging.Starting Price: Free -
9
Paralus
Paralus
Paralus is a free, open source tool that enables controlled, audited access to Kubernetes infrastructure. It provides just-in-time service account creation and user-level credential management, integrating seamlessly with existing Role-Based Access Control (RBAC) and Single Sign-On (SSO) systems. Paralus applies zero-trust security principles, ensuring secure access to Kubernetes clusters by generating, maintaining, and revoking access configurations across clusters, projects, and namespaces. It offers both a browser-based graphical user interface and command-line interface tools for managing kubeconfigs directly from the terminal. Additionally, Paralus includes comprehensive auditing tools that provide detailed logging of activities and resource access, facilitating real-time and historical tracking. Installation is straightforward, with Helm charts available for deployment across various environments, including major cloud providers and on-premises setups.Starting Price: Free -
10
Pomerium
Pomerium
Pomerium is a secure, clientless solution that enables seamless access to web applications and services without the need for a corporate VPN. Designed to enhance developer productivity, it eliminates complex user access flows that can hinder workflow. Unlike traditional client-based tunneling solutions, Pomerium offers lightning-fast connections with minimal latency, ensuring security and privacy without compromise. It leverages contextual data for access control decisions, implementing continuous verification—a zero trust concept where every action is verified for contextual factors before being accepted or denied. This approach contrasts with NextGen VPNs, which only verify authentication and authorization at the start of a session. Pomerium supports secure access to web apps, databases, Kubernetes clusters, internal tools, and legacy applications, making it suitable for individuals and teams of all sizes.Starting Price: $7 per month -
11
Devolutions PAM
Devolutions
Devolutions Privileged Access Manager (PAM) discovers privileged accounts, automates password rotation, approves check-outs, enforces just-in-time (JIT) privilege elevation, and records every session—giving small and midsize businesses (SMBs) enterprise-grade control without enterprise-grade hassle. Bundle PAM with the Privileged Access Management package and it slots straight into Devolutions Hub delivered as SaaS (Software-as-a-Service) or a self-hosted on-premises (on-prem) Devolutions Server, while Remote Desktop Manager provides one-click launches and Gateway supplies secure tunnels. One integrated stack takes you from standing privileges to true zero-standing-privilege—all under a single pane of glass, complete with granular RBAC (Role-Based Access Control) and tamper-proof audit logs.Starting Price: $50/month/user -
12
Pryv.io
Pryv
Personal Data & Privacy Management Software - A ready-to-use solution for personal data and consent management. - Pryv.io is a solid foundation on which you build your own digital health solution, so you can collect, store, share and rightfully use personal data. - Maintained and developed by Pryv. Features - Provides latest Pryv.io core system ready for production - User registration and authentication - Granular consent-based access control rights - Data model made for privacy, aggregation and sharing - Full data life-cycle: collect - store - change - delete - REST & Socket.io API - Ease of software integration and configuration - Seamless connectivity and interoperability -
13
Avatier Identity Anywhere
Avatier
Introducing Identity Anywhere, the world’s first Identity Management solution based on Docker containers making it the most portable, scalable and secure solution on the market. Docker container technology allows Identity Anywhere to run anywhere: on any cloud, on premise or a private cloud instance hosted by Avatier. Avatier Identity Management products brings separately administered back office applications and assets together to manage them as one system. Now armed with a unified digital dashboard, C-level executives deliver measurable business growth and increased profits. Eliminate the #1 Help Desk request with military grade self-service password reset. Reduce Costs. Only pay for the cloud app licenses you need. Maximize company utilization with a phenomenal shopping cart experience. Avoid fines, lawsuits, negative publicity, and even jail time due to non-compliance.Starting Price: $5.00/one-time/user -
14
WikiLocks
WikiLocks
WikiLocks works the way you do, within your most common applications. Simply select the data you wish to protect, assign access to individuals or groups, and distribute the newly protected document. The protection follows your document throughout its lifecycle, no matter how it is accessed, copied, pasted and attached.Starting Price: $40 -
15
Bravura Privilege
Bravura Security
Bravura Privilege secures access to elevated privileges. It eliminates shared and static passwords to privileged accounts. It enforces strong authentication and reliable authorization prior to granting access. User access is logged, creating strong accountability. Bravura Privilege secures access at scale, supporting over a million password changes daily and access by thousands of authorized users. It is designed for reliability, to ensure continuous access to shared accounts and security groups, even in the event of a site-wide disaster. Bravura Privilege grants access to authorized users, applications and services. It can integrate with every client, server, hypervisor, guest OS, database and application, on-premises or in the cloud. Discovers and classifies privileged accounts and security groups. Randomizes passwords and stores them in an encrypted, replicated vault. -
16
M365 Manager Plus is an extensive Microsoft 365 tool used for reporting, managing, monitoring, auditing, and creating alerts for critical activities. With its user-friendly interface, you can easily manage Exchange Online, Azure Active Directory, Skype for Business, OneDrive for Business, Microsoft Teams, and other Microsoft 365 services all from one place. M365 Manager Plus provides exhaustive preconfigured reports on Microsoft 365 and helps you perform complex tasks including bulk user management, bulk mailbox management, secure delegation, and more. Monitor Microsoft 365 services around the clock, and receive instant email notifications about service outages. M365 Manager Plus eases compliance management with built-in compliance reports and offers advanced auditing and alerting features to keep your Microsoft 365 setup secure.Starting Price: $345 per year
-
17
Tenable Cloud Security
Tenable
The actionable cloud security platform. Reduce risk by rapidly exposing and closing priority security gaps caused by misconfigurations, risky entitlements and vulnerabilities–in one powerful cloud native application protection platform (CNAPP). CNAPP solutions replace a patchwork of siloed products that often cause more problems than they solve, such as multiple false positives and excessive alerts. Those products usually provide only partial coverage and often create overhead and friction with the products they’re supposed to work with. Most importantly, CNAPPs allow businesses to monitor the health of cloud native applications as a whole rather than individually monitoring cloud infrastructure and application security. -
18
Secure and Protect Privileged Accounts, Sessions and Credentials. Everywhere! RevBits Privileged Access Management is a six-in-one solution that includes privileged access, privileged session, password, service accounts, key and certificate management, as well as extensive session logging that captures keystrokes and video. RevBits Privileged Access Management native clients are available for common operating systems. As an organization’s need for comprehensive access management grows, the expansion of onboarding vendors will also increase. RevBits Privileged Access Management is built to provide comprehensive access management while reducing the growth in vendor onboarding. With five integrated access management modules in one solution, organizations are in control. Product Features:- Hardware Tokens Comprehensive Platform Coverage Customizable Password Management Extensive Audit Logs Access Granting Workflow Ephemeral Passwords Complete Key Management SSL Scanner
-
19
Keywhiz
Keywhiz
Keywhiz is a system for managing and distributing secrets. It can fit well with a service oriented architecture (SOA). Here is an overview in presentation format. Common practices include putting secrets in config files next to code or copying files to servers out-of-band. The former is likely to be leaked and the latter difficult to track. Keywhiz makes managing secrets easier and more secure. Keywhiz servers in a cluster centrally store secrets encrypted in a database. Clients use mutually authenticated TLS (mTLS) to retrieve secrets they have access to. Authenticated users administer Keywhiz via CLI. To enable workflows, Keywhiz has automation APIs over mTLS. Every organization has services or systems that require secrets. Secrets like TLS certificates/keys, GPG keys, API tokens, database credentials. Keywhiz is reliable and used in production, however occasional changes may break API backward compatibility. -
20
Knox
Pinterest
Knox is a secret management service. Knox is a service for storing and rotation of secrets, keys, and passwords used by other services. Pinterest has a plethora of keys or secrets doing things like signing cookies, encrypting data, protecting our network via TLS, accessing our AWS machines, communicating with our third parties, and many more. If these keys become compromised, rotating (or changing our keys) used to be a difficult process generally involving a deploy and likely a code change. Keys/secrets within Pinterest were stored in git repositories. This means they were copied all over our company's infrastructure and present on many of our employees laptops. There was no way to audit who accessed or who has access to the keys. Knox was built to solve these problems. Ease of use for developers to access/use confidential secrets, keys, and credentials. Confidentiality for secrets, keys, and credentials. Provide mechanisms for key rotation in case of compromise. -
21
Netwrix Privilege Secure for Access Management enables secure, task-based administrative access delivered just-in-time and with just-enough privilege. Reduce opportunity for lateral movement attacks through privileged account reduction. With Netwrix Privilege Secure for Access Management, organizations are empowered to reduce their risk footprint through a task-based approach to Privileged Access Management. Netwrix Privilege Secure for Access Management provides Administrators the exact level of privileges needed, exactly when they’re needed, for only as long as they’re needed, and returns the environment to a no-access-by-default state, immediately upon completion. Kill standing privilege by eliminating standing privilege. Instead, create temporary accounts with just enough access to perform the task at hand and remove them when the job is complete.
-
22
Delinea Cloud Access Controller
Delinea
Gain granular control over web applications and web-based cloud management platforms. Delinea's Cloud Access Controller provides a comprehensive PAM solution that operates at cloud speed and is quick to deploy and secure access to any web application. With Cloud Access Controller, you can easily integrate your existing authentication solutions with any web application without having to write any additional code. Apply granular RBAC policies that enforce least privilege and zero trust initiatives, even to custom and legacy web applications. Specify what an individual employee is allowed to read or modify within any web application. Grant, manage and revoke access to cloud applications. Specify who gets access to what, at a granular level. Track usage of each and every cloud application. Clientless session recording without agents. Secure access to all web applications, including social media, custom, and legacy web applications. -
23
Zluri
Zluri
Zluri is a cloud-native SaaSOps platform enabling modern enterprises with SaaS Management, Access Management, and Access Review capabilities. Zluri empowers IT and Security teams to gain visibility into their SaaS landscape, unlock recurring savings, & securely manage access with provisioning and de-provisioning of users. Zluri’s technology is powered by an Authknox engine, and assisted by an Automation engine, enabling companies to navigate & control complex SaaS ecosystems easily. Trusted by over 250 global customers, Zluri is committed to delivering innovative, reliable, and scalable solutions that empower organizations to optimize their SaaS usage, ensure compliance, and enhance Access Management practices. -
24
Heimdal Privileged Access Management
Heimdal®
Heimdal Privileged Access Management is a PAM solution that allows sysadmins to handle user permissions easily, handle all requests, and strengthen your company's endpoint security with truly innovative access governance. With its help, they can make sure that users don’t accidentally allow hackers to access your endpoints and networks. This is made possible by easily verifying and approving each request from the central interface. In addition to this, Heimdal™ Privileged Access Management promises to give your enterprise time optimization, higher productivity, and greater employee satisfaction. With such a tool under your belt, you will not only benefit from flawless protection but also unlock incredible scalability features and save time for your system admins. -
25
Delinea Secret Server
Delinea
Protect your privileged accounts with our enterprise-grade Privileged Access Management (PAM) solution. Available both on-premise or in the cloud. Get up and running fast with solutions for privileged account discovery, turnkey installation and out-of-the-box auditing and reporting tools. Manage multiple databases, software applications, hypervisors, network devices, and security tools, even in large-scale, distributed environments. Create endless customizations with direct control to on-premise and cloud PAM. Work with professional services or use your own experts. Secure privileges for service, application, root, and administrator accounts across your enterprise. Store privileged credentials in an encrypted, centralized vault. Identify all service, application, administrator, and root accounts to curb sprawl and gain a full view of your privileged access. Provision and deprovision, ensure password complexity and rotate credentials. -
26
Axis Security
Axis Security
Ensure least-privilege user access to specific business resources without granting excessive access to your corporate network, or exposing applications to the Internet. Avoid deploying agents on BYOD or third-party devices and the friction that comes with it. Support access to web apps, SSH, RDP and Git without a client. Analyze how users interact with your business applications to better detect anomalies, flag potential issues, and ensure networking remains aware of changes in security controls. Use key tech integrations to automatically verify and adapt access rights based on changes in context to protect data and always ensure least-privilege access. Make private apps invisible to the Internet, keep users off the network, and deliver a safer connection to SaaS apps. -
27
Torsion
Torsion
Torsion delivers powerful visibility and control of ‘who has access to what’ in Microsoft 365. Torsion seamlessly empowers data owners to take responsibility for their own data, because they understand their data best. Its 360-degree visibility and round-the-clock audit trail effortlessly satisfies compliance. And its intelligent automation eliminates inappropriate permissions throughout your data at massive scale, in real time, on auto-pilot. Fully automated with rapid value in mind, Torsion is quick and easy to deploy, and needs little or no user training. Data owners own the decisions which make sense for them, saving IT precious time whilst maintaining oversight. Imagine a world where users can collaborate freely, data access is under control, compliance is a breeze, and the whole thing runs itself. It’s how we bring the phrase, ‘collaborate without limits’ to life. -
28
Giving too much system access to the wrong users can lead to catastrophic data corruption and loss. Limit the risk with privileged access management software. Powertech Authority Broker for IBM i protects corporate assets and audits user access in real time for maximum system security. Security best practices recommend limiting the number of privileged user accounts, but having too many user profiles with special authorities is one of the most common security lapses uncovered in IBM i audits. Give users the access they need to do their jobs—without giving too much. Maintain a record of everything a user does when they swap into a privileged profile. Using award-winning screen capture technology, Powertech Authority Broker for IBM i provides system administrators and IT leaders with an unparalleled view of user activity, helping to safeguard sensitive IBM i data.
-
29
Bravura Security Fabric
Bravura Security
Protect identities, systems, and data with automation, built-in threat detection, singular identity, privileged access, and password platform. Weave patterns of functionality to protect against continual threats ensuring your identity and access security program are covered. In the age of digital transformation, protecting against threats is increasingly complex but also crucial. Hybrid infrastructures now accommodate modern and legacy assets, cloud resources, the Internet of Things, operational technology, and remote workforces around the world. Technological and architectural building blocks with decades of reliability to protect, manage and govern your entire identity and access infrastructure can help. It offers mature automation and detection; governance and compliance; analytics and reporting. Simplify vendor selection and program deployment; streamline service level agreements and lower overall cost. -
30
Seamless service account governance from discovery and provisioning through decommissioning. Non-human privileged accounts access services, applications, data, and network resources. Most service accounts fly under the radar of IT, expanding your vulnerable attack surface. Automate service account governance to provide security teams with central oversight and control. Increase accountability, consistency, and oversight of service account management. Control risky service account sprawl by automating and streamlining service account management. Gain a complete picture of your privileged attack surface and address the risk associated with service account lifecycle management. Account Lifecycle Manager helps manage service account sprawl and empowers you to manage and control service accounts with workflows and automated provisioning, governance, compliance, and decommissioning capabilities. Cloud-native architecture for rapid deployment and elastic scalability.