Alternatives to Permify
Compare Permify alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Permify in 2025. Compare features, ratings, user reviews, pricing, and more from Permify competitors and alternatives in order to make an informed decision for your business.
-
1
Auth0
Okta
Auth0 by Okta takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity Company™. Auth0 lets you quickly integrate authentication and authorization for web, mobile, and legacy applications, with new Fine Grained Authorization (FGA) that goes beyond role-based access control. Authenticate users across all applications with a customized, secure, and standards-based single login. Universal Login connects users to a central authorization server. Credentials aren’t transferred across sources, which boosts security and protects against phishing and credential stuffing attacks. OAuth 2.0 recommends that only external user agents (like the browser) be used by native applications for authentication flows. Auth0’s Universal Login achieves this while enabling SSO.">
-
2
SolarWinds Access Rights Manager
SolarWinds
SolarWinds® Access Rights Manager is designed to assist IT & security administrators in quickly & easily provisioning, deprovisioning, managing, & auditing user access rights to systems, data, & files, so they can help protect their organizations from the potential risks of data loss and breaches. By analyzing user authorizations & access permissions, you get visualization of who has access to what, and when they accessed it. Customized reports can be generated to help demonstrate compliance with many regulatory requirements. Provision & deprovision users via role-specific templates to help assure conformity of access privilege delegation, in alignment with security policies. -
3
Zluri
Zluri
Zluri is a cloud-native SaaSOps platform enabling modern enterprises with SaaS Management, Access Management, and Access Review capabilities. Zluri empowers IT and Security teams to gain visibility into their SaaS landscape, unlock recurring savings, & securely manage access with provisioning and de-provisioning of users. Zluri’s technology is powered by an Authknox engine, and assisted by an Automation engine, enabling companies to navigate & control complex SaaS ecosystems easily. Trusted by over 250 global customers, Zluri is committed to delivering innovative, reliable, and scalable solutions that empower organizations to optimize their SaaS usage, ensure compliance, and enhance Access Management practices. -
4
Casbin
Casbin
Casbin is an open-source authorization library that supports various access control models, including Access Control Lists (ACL), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC). It is implemented in multiple programming languages such as Golang, Java, C/C++, Node.js, JavaScript, PHP, Laravel, Python, .NET (C#), Delphi, Rust, Ruby, Swift (Objective-C), Lua (OpenResty), Dart (Flutter), and Elixir, providing a consistent API across different platforms. Casbin abstracts access control models into configuration files based on the PERM metamodel, allowing developers to switch or upgrade authorization mechanisms by simply modifying configurations. It offers flexible policy storage options, supporting various databases like MySQL, PostgreSQL, Oracle, MongoDB, Redis, and AWS S3. The library also features a role manager to handle RBAC role hierarchies and supports filtered policy management for efficient enforcement.Starting Price: Free -
5
OpenFGA
The Linux Foundation
OpenFGA is an open source authorization solution that enables developers to implement fine-grained access control using a user-friendly modeling language and APIs. Inspired by Google's Zanzibar paper, it supports various access control models, including Relationship-Based Access Control (ReBAC), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC). OpenFGA offers SDKs for multiple programming languages, such as Java, .NET, JavaScript, Go, and Python, facilitating seamless integration into diverse applications. The platform is designed for high performance, capable of processing authorization checks in milliseconds, making it suitable for projects ranging from small startups to large enterprises. Operating under the Cloud Native Computing Foundation (CNCF) as a sandbox project, OpenFGA emphasizes transparency and community collaboration, inviting contributions to its development and governance.Starting Price: Free -
6
Aserto
Aserto
Aserto helps developers build secure applications. It makes it easy to add fine-grained, policy-based, real-time access control to your applications and APIs. Aserto handles all the heavy lifting required to achieve secure, scalable, high-performance access management. It offers blazing-fast authorization of a local library coupled with a centralized control plane for managing policies, user attributes, relationship data, and decision logs. And it comes with everything you need to implement RBAC or fine-grained authorization models, such as ABAC, and ReBAC. Take a look at our open-source projects: - Topaz.sh: a standalone authorizer you can deploy in your environment to add fine-grained access control to your applications. Topaz lets you combine OPA policies with Zanzibar’s data model for complete flexibility. - OpenPolicyContainers.com (OPCR) secures OPA policies across the lifecycle by adding the ability to tag, verStarting Price: $0 -
7
CyberArk Conjur
CyberArk
A seamless open source interface to securely authenticate, control and audit non-human access across tools, applications, containers and cloud environments via robust secrets management. Secrets grant access to applications, tools, critical infrastructure and other sensitive data. Conjur secures this access by tightly controlling secrets with granular Role-Based Access Control (RBAC). When an application requests access to a resource, Conjur authenticates the application, performs an authorization check against the security policy and then securely distributes the secret. Security policy as code is the foundation of Conjur. Security rules are written in .yml files, checked into source control, and loaded onto the Conjur server. Security policy is treated like any other source control asset, adding transparency and collaboration to the organization’s security requirements. -
8
Oso Cloud
Oso
Customers want features that you can’t build without a refactor. Your code is hand-rolled, fragile and hard to debug. It’s spread throughout the codebase and relies on data from multiple sources. There’s no one place to see who has access to what, that authorization is working, or why requests are or are not authorized. Lay out who's allowed to do what in Workbench, our visual rules editor Start with primitives for common patterns like multi-tenancy and RBAC Extend your logic with custom rules in Polar, our configuration language for authorization. Send core authorization data, like roles and permissions. Make authorization checks and filter lists based on authorization where you used to have IF statements and custom SQL.Starting Price: $149 per month -
9
Logto
Silverhand
Logto is an Auth0 alternative designed for modern apps and SaaS products. It offers a seamless developer experience and is well-suited for individuals and growing companies. 🧑💻 Comprehensive identity solution Enables easy authentication with Logto SDKs. Supports multiple passwordless and social sign-in methods. Offers customizable UI components to match your brand. 📦 Out-of-the-box infrastructure eliminates the need for extra setup. Provides ready-to-use Management API Offers flexible connectors for customization and scaling, and is customized with SAML, OAuth, and OIDC protocols. 💻 Enterprise-ready with role-based access control (RBAC), organizations (multi-tenant apps), user management, audit logs, single sign-on (SSO), and multi-factor authentication (MFA).Starting Price: $0 -
10
Delinea Server Suite
Delinea
Easily consolidate complex and disparate identities for Linux and Unix within Microsoft Active Directory. Minimize the risk of a breach and reduce lateral movement with a flexible, just-in-time privilege elevation model. Advanced session recording, auditing, and compliance reporting aid forensic analysis into abuse of privilege. Centralize discovery, management, and user administration for Linux and UNIX systems to enable rapid identity consolidation into Active Directory. Privileged Access Management best practices are easy to follow with the Server Suite. The results are higher levels of identity assurance and a significantly reduced attack surface with fewer identity silos, redundant identities, and local accounts. Manage privileged user and service accounts from Windows and Linux in Active Directory. Just-in-time, fine-grained access control with RBAC and our patented Zones technology. Complete audit trail for security review, corrective action, and compliance reporting. -
11
ZITADEL
ZITADEL
ZITADEL is an open-source identity and access management platform designed to simplify authentication and authorization for applications. It offers a comprehensive suite of features, including customizable hosted login pages, support for modern authentication methods such as Single Sign-On (SSO) and social logins, and enforcement of multifactor authentication to enhance security. Developers can integrate authentication directly into their applications using ZITADEL's APIs or build dedicated login interfaces. The platform supports role-based access control, allowing for precise permission assignments based on user roles, and is inherently multi-tenant, facilitating easy extension of applications to new organizations. ZITADEL's extensibility enables seamless adaptation to various workflows, user management processes, and brand guidelines, with features like ZITADEL Actions that execute workflows after predefined events without the need for additional code deployment.Starting Price: $100 per month -
12
AuthZed
AuthZed
Unblock your business with an authorization system inspired by Google's Zanzibar white paper. As the creators of SpiceDB, the AuthZed team delivers enterprise-ready permissions systems built for scale and security. The most mature open source Zanzibar implementation designed for both consistency and performance at scale. Define fine-grained access for any object in your application or across your product suite and manage permissions using a centralized schema. Specify consistency requirements per authorization check; tunable consistency features balance performance and correctness according to your use case. SpiceDB returns lists of authorized subjects and accessible resources, helpful when pre-filtering permission-based results. Instrumented with observability tooling, a powerful Kubernetes operator, and load-testing capabilities, SpiceDB prioritizes both developer and platform engineering experiences. -
13
Access Auditor
Security Compliance Corp
Access Auditor automates user entitlement reviews and user access reviews. Access Auditor also alerts on changes in user access rights, and watches for separation of duties violations, and shows who has access to what. Users can be imported from any AD/LDAP, Database, or any REST API. Enterprise roles (RBAC) can be modeled and defined, allowing full RBAC reviews and provisioning. Access Manager leverages the same ease-of-use to automate the provisioning and management of user access rights. Any system with a database, LDAP, or REST API can be automatically managed via role based access controls. SCC’s powerful and simple approach to Identity Management enables a very rapid success at a low overall cost. With a 100% customer success rate, Access Auditor is the fastest and simplest solution available and can automate your user access reviews in under a week. -
14
Clarity Security
Clarity Security
Eliminate audit angst with 10-minute user access reviews, flexible provisioning/de-provisioning workflows, and audit-friendly reporting, all in one simple, scalable IGA platform. White-glove onboarding takes the burden of implementing a solution off of team members reducing the impact on other IT initiatives. Automated evidence collection into a downloadable ledger mitigates the need for wasted time gathering spreadsheets, screenshots, etc. Nested entitlements and Clarity Explorer provide insight into what’s giving users access and why they’re being granted that access. True role-based access control (RBAC) and automated workflows for full alignment with your organizational structure and needs. Unlike "traditional" manual methods, Clarity has everything you need to quickly upgrade your identity governance program and seamlessly adapt it as your organization grows. Fast reviews for certifying user access, entitlements, roles, application access, and more. -
15
Delinea Cloud Access Controller
Delinea
Gain granular control over web applications and web-based cloud management platforms. Delinea's Cloud Access Controller provides a comprehensive PAM solution that operates at cloud speed and is quick to deploy and secure access to any web application. With Cloud Access Controller, you can easily integrate your existing authentication solutions with any web application without having to write any additional code. Apply granular RBAC policies that enforce least privilege and zero trust initiatives, even to custom and legacy web applications. Specify what an individual employee is allowed to read or modify within any web application. Grant, manage and revoke access to cloud applications. Specify who gets access to what, at a granular level. Track usage of each and every cloud application. Clientless session recording without agents. Secure access to all web applications, including social media, custom, and legacy web applications. -
16
Styra
Styra
The fastest and easiest way to operationalize Open Policy Agent across Kubernetes, Microservices or Custom APIs, whether you're a developer, an admin, or a bit of both. Need to limit which folks can access your pipeline, based on who is currently on call? Simple. Want to define which microservices can access PCI data? We got you. Have to prove compliance with regulations across your clusters? No sweat. Built on open-source, and declarative by design, Styra Declarative Authorization Service gives you a turnkey OPA control plane to mitigate risk, reduce human error, and accelerate development. A built-in library of policies. Built on our OPA project let you implement and customize authorization policy-as-code. Pre-running lets you monitor and validate policy changes before committing, to mitigate risk before deployment. Declarative model defines desired state to prevent security drift and eliminate errors, before they can occur.Starting Price: $70 per month -
17
Adaxes
Softerra
Adaxes is a management and automation solution that provides enhanced administration experience to Active Directory, Exchange and Microsoft 365 environments. Adaxes features a rule-based platform for Active Directory, Exchange and Microsoft 365 automation, provides an enhanced web-based management environment, gives you a role-based access control model for delegating privileges, adds security with approval-based workflow, allows enforcing corporate data standards and much more. With Adaxes all user lifecycle management procedures can be fully automated, including provisioning, re-provisioning and deprovisioning in Active Directory and connected systems, such as Exchange, Microsoft 365 and Skype for Business. Adaxes Web Interface allows managing Active Directory from any device via a standard web browser. It provides a clean and intuitive UI for admins, help desk and other staff to execute their AD administration tasks and a self-service portal for regular users.Starting Price: $1,600 one-time payment -
18
Bravura Identity
Bravura Security
Bravura Identity is an integrated solution for managing identities, groups and security entitlements across systems and applications. It ensures that users are granted access quickly, that entitlements are appropriate to business need and that access is revoked once no longer needed. Users have too many login IDs. A typical user in a large organization may sign into 10 to 20 internal systems. This complexity creates real business problems. Bravura Identity manages the lifecycles of identities, accounts, groups and entitlements. It includes automation to grant and revoke access, after detecting changes on systems of record. A web portal for access requests, profile updates and certification. Full lifecycle management for groups and roles on target systems. A workflow manager to invite people to approve requests, review access or complete tasks. Policy enforcement related to SoD, RBAC, risk scores, privacy protection and more. Reports, dashboards and analytics. -
19
System Frontier
Noxigen
PowerShell web front end with role based access control, auditing and remote management tools. Delegate granular permissions to manage servers, workstations, network devices and user accounts. Privileged Access Management (PAM). Let System Frontier do all the heavy lifting so you can focus on your enabling your IT teams to get more done without having more permissions than needed.Starting Price: $5 -
20
Tools4ever IAM
Tools4ever
Streamline your operational efficiency and control compliance efforts for HIPPA, SOX, and other requirements. IAM provides user provisioning, centralized account management, and role-based access control by integrating personnel and directory systems. Automated onboarding and offboarding ensure that only the right people have the right access at the right time. Want to get a better understanding of how IAM can operate in your environment? Attempting to manually create, manage, and disable user accounts in today’s complex corporate environment is its own full-time job. Tools4ever’s IAM User Provisioning software creates a connection between HR systems, directory services (e.g., Active Directory, LDAP, GSuite), and downstream services. The entire process is automated, recovering substantial bandwidth for IT staff. -
21
Azure Resource Manager
Microsoft
Azure Resource Manager is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in your Azure account. You use management features, like access control, locks, and tags, to secure and organize your resources after deployment. When a user sends a request from any of the Azure tools, APIs, or SDKs, Resource Manager receives the request. It authenticates and authorizes the request. Resource Manager sends the request to the Azure service, which takes the requested action. Because all requests are handled through the same API, you see consistent results and capabilities in all the different tools. All capabilities that are available in the portal are also available through PowerShell, Azure CLI, REST APIs, and client SDKs. Functionality initially released through APIs will be represented in the portal within 180 days of initial release. -
22
TrustLogix
TrustLogix
The TrustLogix Cloud Data Security Platform breaks down silos between data owners, security owners, and data consumers with simplified data access management and compliance. Discover cloud data access issues and risks in 30 minutes or less, without requiring visibility to the data itself. Deploy fine-grained attribute-based access control (ABAC) and role-based access control (RBAC) policies and centrally manage your data security posture across all clouds and data platforms. TrustLogix continuously monitors and alerts for new risks and non-compliance such as suspicious activity, over-privileged accounts, ghost accounts, and new dark data or data sprawl, thus empowering you to respond quickly and decisively to address them. Additionally, alerts can be reported to SIEM and other GRC systems. -
23
Cedar
Amazon
Cedar is an open source policy language and evaluation engine developed by AWS to facilitate fine-grained access control in applications. It enables developers to define clear and concise authorization policies, decoupling access control from application logic. Cedar supports common authorization models, including role-based access control and attribute-based access control, allowing for expressive and analyzable policy definitions. Its design emphasizes readability and performance, ensuring that policies are both easy to understand and efficient to enforce. By integrating Cedar, applications can make precise authorization decisions, enhancing security and maintainability. The policy structure is designed to be indexed for quick retrieval and to support fast and scalable real-time evaluation, with bounded latency. It enables analyzer tools capable of optimizing your policies and proving that your security model is what you believe it is.Starting Price: Free -
24
Lumos
Lumos
Lumos is the internal AppStore for companies. Accelerate access requests, access reviews, and license management through self-service. Cut down on support tickets with automated access requests, approvals, and provisioning. Gain visibility into all your SaaS apps and spend. Remove unused licenses with automated workflows. You're hiring more employees than ever before, and they’re working from everywhere. That means one thing, you’re getting bombarded with help desk tickets asking for access to apps and permissions (and emails asking if you’ve seen their help desk ticket. You have.) Set permissions and approve access for a specific length of time, all within Slack! Before a new hire starts, Lumos will notify their manager and help them set up all apps for their new employee. Not every employee needs access to every app. Avoid headaches by tailoring your AppStore based on employee roles. -
25
Manages users, groups and roles. Authentication, delegation, authorization and auditing. Role-based access control, entitlements and time-based access rules. Manages access control policies for Web, Java and CORBA® resources. Manages access control policies for fine-grain application data and/or features. Central administration with flexible deployment options. Features specifically designed to aid in meeting privacy legislation. Supports integration with existing security infrastructure. Provides foundation for orb2 for Java Security Services.
-
26
PingDataGovernance
Ping Identity
Digital transactions and data are exploding, but authorization logic is scattered across your enterprise. Updating, auditing and managing that logic can be tedious or even impossible. PingDataGovernance provides centralized authorization policies that can evaluate identity attributes, entitlements, consents, the requesting app or other contextual information to authorize critical actions and the retrieval of high-value data. You’ll have the agility to react instantly without sacrificing security or regulatory compliance. Anyone can update policies in minutes with a simple drag-and-drop UI. And you can choose which teams it’s most appropriate to give access to so they can manage policies—or any portion of them. Unlike traditional role-based access control (RBAC), dynamic authorization assembles key contextual data attributes and evaluates the validity of access requests in real time. This lets you centrally enforce policies to comply with regulatory requirements. -
27
A secure, single sign-on (SSO) solution for enterprises. Identity Manager Plus from ManageEngine, the IT division of Zoho, gives end users one-click access to the applications they need and allows IT admins to manage and monitor application access from one central console. Provide users with secure, one-click access to enterprise applications. Users only have to log in once to access all their applications. Enable SSO to hundreds of popular applications in our app catalog or any SAML-based internal application using custom integrations. Track who accessed which application, from where, and when. Find the applications used most, inactive users, and more. Directly import users from G Suite and Azure AD, or use the built-in Zoho Directory to onboard temporary employees and contractors. Configure SSO for applications, add users, enable application access to users, and track application access—all from a central console.
-
28
PlainID
PlainID
PlainID is The Authorization Company. PlainID provides both Business AND Admin teams with a simple and intuitive means to control their organization’s entire authorization process, all based on your own business logic. The platform allows you to implement literally any kind of rules you could imagine, all without coding, and all in fine grained detail. PlainID simplifies Authorization so that thousands of Roles, Attributes and even Environmental Factors can be converted into a few logical SmartAuthorization policies using our Graph Database Decision Engine. In-depth Analytics and Insights: PlainID provides unobstructed visibility with a full audit trail. Compliance, regulation and audit requirements, they’re easy to manage on a simple graph-based UI. Access is determined dynamically and in real time, based on user attributes, environmental attributes (time, location, etc.) as well as event based authorizations. PlainID combines ABAC & RABC to a united policy. -
29
VMware Cloud Director
Broadcom
VMware Cloud Director is a leading cloud service-delivery platform used by some of the world’s most popular cloud providers to operate and manage successful cloud-service businesses. Using VMware Cloud Director, cloud providers deliver secure, efficient, and elastic cloud resources to thousands of enterprises and IT teams across the world. Use VMware in the cloud through one of our Cloud Provider Partners and build with VMware Cloud Director. A policy-driven approach helps ensure enterprises have isolated virtual resources, independent role-based authentication, and fine-grained control. A policy-driven approach to compute, storage, networking and security ensures tenants have securely isolated virtual resources, independent role-based authentication, and fine-grained control of their public cloud services. Stretch data centers across sites and geographies; monitor resources from an intuitive single-pane of glass with multi-site aggregate views. -
30
Apache Sentry
Apache Software Foundation
Apache Sentry™ is a system for enforcing fine grained role based authorization to data and metadata stored on a Hadoop cluster. Apache Sentry has successfully graduated from the Incubator in March of 2016 and is now a Top-Level Apache project. Apache Sentry is a granular, role-based authorization module for Hadoop. Sentry provides the ability to control and enforce precise levels of privileges on data for authenticated users and applications on a Hadoop cluster. Sentry currently works out of the box with Apache Hive, Hive Metastore/HCatalog, Apache Solr, Impala and HDFS (limited to Hive table data). Sentry is designed to be a pluggable authorization engine for Hadoop components. It allows you to define authorization rules to validate a user or application’s access requests for Hadoop resources. Sentry is highly modular and can support authorization for a wide variety of data models in Hadoop. -
31
NextLabs
NextLabs
NextLabs CloudAz is a zero trust policy platform that enforces security policies consistently across the enterprise and beyond. It’s powered by a patented dynamic authorization policy engine and is the backbone of NextLabs’ Data Centric Security Suite consisting of Entitlement Management, Data Access Security, and Digital Rights Management (DRM) products. CloudAz integrates automated data classification, attribute-based access control (ABAC), data masking & segregation, digital rights (DRM) protection, and audit capabilities into one powerful platform that enables you to better align policies with rapidly changing business requirements while keeping up with the increasing cybersecurity challenge. The platform can be delivered either on-premises or in the cloud. -
32
EmpowerID
EmpowerID
EmpowerID is the award winning all-in-one identity management and cloud security suite developed by The Dot Net Factory, LLC dba "EmpowerID". Responsible for managing millions of internal and external cloud and on-premise identities for organizations around the globe, EmpowerID delivers the broadest range of ready to use IAM functionality. In-depth out of the box solutions include: single sign-on, user provisioning, identity governance, group management, role mining, delegated identity administration, password management, privileged access management, access management for SharePoint, and an identity platform for application developers. All solutions leverage a single sophisticated role and attribute-based authorization engine that handles complex organizations and even multi-tenant SaaS providers. We provide a highly scalable, fully customizable IAM infrastructure that delivers results in a more time and cost-efficient manner for your enterprise.Starting Price: $2 per user per month -
33
Active Roles
One Identity
Simplify identity management and security with visibility of all Entra ID (Azure AD) tenants, Microsoft 365, and Active Directory domains from a single pane of glass. Ensure users and objects have fine-grained privileged access only when they need it with dynamic delegation across your identity landscape. Automate manual processes to increase efficiency and security while accelerating account, group, and directory management. Manage all Active Directory domains, Entra ID (Azure AD), and Microsoft 365 tenants from a single pane of glass with our Microsoft solution. Control access and permissions with dynamic rules, group families, and policies with automation. Manage users, groups, roles, contacts, Microsoft 365 licenses, and objects with configurable workflows and customizable scripts. Seamless integration of Active Roles with AWS Directory Service for a zero-trust least privilege model, access delegation, and synchronized on-prem user data. -
34
Amazon Verified Permissions
Amazon
Amazon Verified Permissions is a fully managed authorization service that uses the provably correct Cedar policy language, so you can build more secure applications. With Verified Permissions, developers can build applications faster by externalizing authorization and centralizing policy management. They can also align authorization within the application with Zero Trust principles. Security and audit teams can better analyze and audit who has access to what within applications. Accelerate application development by decoupling authorization from business logic. Protect application resources and manage user access to the principle of least privilege. Amazon Verified Permissions is a fully managed, Cedar-compatible permissions management and fine-grained authorization service for the applications that you build. Using Cedar, an expressive, performant, and analyzable open source policy language, developers and admins can define policy-based access controls.Starting Price: $0.00015 per request -
35
Cloudentity
Cloudentity
Cloudentity increases development velocity, audit efficiency and risk mitigation by advancing fine-grained authorization policy management and delivering continuous, transaction-level enforcement across hybrid, multi-cloud and microservice environments. Externalize authorization management that empowers developers to efficiently create policy-as-code, provision standardized controls, and invoke contextual access and data exchange enforcement as close to the service as possible. Accelerate application delivery by expediting security validation with full data lineage for audit, forensics and compliance. Cloudentity provides dynamic authorization governance that delivers policy automation and adaptive control ensuring Zero Trust between users, apps, services and data. Automate app, service and API inventory, authorization policy standardization, and declarative authorization provisioning to streamline release security verification. -
36
SecuPi
SecuPi
SecuPi provides an overarching data-centric security platform, delivering fine-grained access control (ABAC), Database Activity Monitoring (DAM) and de-identification using FPE encryption, physical and dynamic masking and deletion (RTBF). SecuPi offers wide coverage across packaged and home-grown applications, direct access tools, big data, and cloud environments. One data security platform for monitoring, controlling, encrypting, and classifying data across all cloud & on-prem platforms seamlessly with no code changes. Agile and efficient configurable platform to meet current & future regulatory and audit requirements. No source-code changes with fast & cost-efficient implementation. SecuPi’s fine-grain data access controls protect sensitive data so users get access only to data they are entitled to view, and no more. Seamlessly integrate with Starburst/Trino for automated enforcement of data access policies and data protection operations. -
37
BastionZero
BastionZero
Infrastructure teams must manage painful VPNs, homegrown bastion hosts, overprivileged certificate authorities, and long-lived credentials that present huge security risks. Infrastructure teams can easily configure, manage and secure fine-grained access controls to infrastructure targets in any cloud or on-prem environments. A single system for access all of your targets (servers, containers, clusters, databases, webservers) so you don’t have to manage an ever-growing set of systems. Provide zero-trust access to your targets by putting them behind your SSO and adding an independent MFA. Stop managing passwords. Use policy to control which users can log into which target under which role or user account. Capture the specific commands that a user ran on a target under a role or account via BastionZero’s access logs, command logs and session recordings.Starting Price: $300 per month -
38
Apache Ranger
The Apache Software Foundation
Apache Ranger™ is a framework to enable, monitor and manage comprehensive data security across the Hadoop platform. The vision with Ranger is to provide comprehensive security across the Apache Hadoop ecosystem. With the advent of Apache YARN, the Hadoop platform can now support a true data lake architecture. Enterprises can potentially run multiple workloads, in a multi tenant environment. Data security within Hadoop needs to evolve to support multiple use cases for data access, while also providing a framework for central administration of security policies and monitoring of user access. Centralized security administration to manage all security related tasks in a central UI or using REST APIs. Fine grained authorization to do a specific action and/or operation with Hadoop component/tool and managed through a central administration tool. Standardize authorization method across all Hadoop components. Enhanced support for different authorization methods - Role based access control etc. -
39
Azure Data Lake Storage
Microsoft
Eliminate data silos with a single storage platform. Optimize costs with tiered storage and policy management. Authenticate data using Azure Active Directory (Azure AD) and role-based access control (RBAC). And help protect data with security features like encryption at rest and advanced threat protection. Highly secure with flexible mechanisms for protection across data access, encryption, and network-level control. Single storage platform for ingestion, processing, and visualization that supports the most common analytics frameworks. Cost optimization via independent scaling of storage and compute, lifecycle policy management, and object-level tiering. Meet any capacity requirements and manage data with ease, with the Azure global infrastructure. Run large-scale analytics queries at consistently high performance. -
40
Enable zero-trust access for all apps, legacy and modern, with highly scalable identity- and context-based access controls. Deploy zero-trust model validation based on granular context, securing every app access request. Secure access to apps with a fine-grained approach to user authentication and authorization that enables only per-request context- and identity-aware access. Integrating with existing SSO and identity federation solutions, users can access all their business apps via a single login, regardless of whether the app is SAML enabled or not. Enable social login to simplify access authorization from trusted third-party identity providers like Google, LinkedIn, Okta, Azure AD, and others. Leverage third-party UEBA and risk engines via REST APIs to inform policy-based access controls using the API connector for more layered security. BIG-IP APM is available in all business models including perpetual licenses, subscription, public cloud marketplace, and ELAs.
-
41
Intrinsic
Decoy Technologies
Craft your own policies beyond standard abuse categories and enforce them in just minutes. Intrinsic is a platform for building AI agents for user trust. We hook directly into your existing workflows, and gradually help enhance human review with automation safely and seamlessly. Automate moderation of text, images, videos and reports with a system that gets better with every moderation action. Manage review queues and escalations easily with fine-grained RBAC permissions. Make data-driven decisions based on policy performance reports and platform-wide health monitoring. Access advanced security, AI-powered analytics, and comprehensive information governance. -
42
Permit.io
Permit.io
Full Stack Permissions as a service. Check authorization as done, focus on your core product. Use the right tool for the right task. Use the right language for the right policy. Say no to Lock-in. Mix and match the policy engines you need. Permit.io supports OPA's Rego and now adds AWS' Cedar, and Amazon Verified Permissions. Generate Policy as code directly into Git, and deploy in realtime into the agent in your app. Makes granting permissions as easy as checking a box. Manage and edit your policies with in seconds instead of days. Work with a simple UI, API, or directly with Rego code. Enable multi-tenancy, RBAC, ABAC, ReBAC, and more with a single streamlined interface. Provide low-code/no-code interfaces for non-technical users. Ensure future requirements are met with policy as code. Get Git Ops support out-of-the-box. -
43
badook
badook AI
badook allows data scientists to write automated tests for data used in training and testing AI models (and much more). Validate data automatically and over time. Reduce time to insights. Free data scientists to do more meaningful work. badook’s AutoExplorer automatically analyses your data for potential issues, patterns and trends. badook’s Test SDK simplifies the authoring of data tests while providing powerful capabilities. You can author data tests, from simple data validity to advanced statistical and model-based tests with ease, and automate throughout your system’s lifecycle, from development to run-time. badook is designed to run in your cloud environment without giving up the comforts and ease of a fully managed SaaS. Our dataset-level Role-Based Access Control (RBAC) gives you the ability to author company-wide tests without compromising security and complying with the most strict regulations. -
44
RedSandz
RedSandz
Residential and Commercial Property Management Software designed specifically for today's modern Real Estate professionals. Includes a completely integrated accounting and work order management system with detailed tasks & reminders, drill-down reporting, work order management, role-based access for multiple users, collection & legal management system, online payments, and much more! Proactive tools that look into the future and take action on your behalf, before it's too late. When any action is taken the system will notify you and the tenant of the changes for management oversight. Role-based permissions will provide your organization with a fine-grained level of control throughout your entire organization. By controlling access to property management data, your team will be more organized and more productive, no matter how many property managers you have. With multiple portfolios and sub-portfolios you will be able to organize your properties.Starting Price: $15 per month -
45
MugenHR
MugenHR
Being a flexible, scalable and ability to integrate with third-party software are cornerstones of any software platform. Our architecture has proven that by processing tons of data already. MugenHR provides multi-level security. Role-based access control (RBAC) prevents data integrity by allowing access to certain data to specific people through configuration. There is an encryption process for passwords as well as the database. MugenHR is designed keeping collaboration in mind. Supported modules such as project management, chat and others encourage teamwork and operational excellence. Managing expense is the top priority for any company since it impacts the bottom line. Any money spent by the company or employees is considered as an expense. From filing an expense claim until disbursement of funds needs to be handled along with specific expense policy and limit for each employee or department. -
46
Anypoint MQ
MuleSoft
With Anypoint MQ, perform advanced asynchronous messaging — such as queueing and pub/sub — with fully hosted and managed cloud message queues and exchanges. As a service of Anypoint Platform™, Anypoint MQ supports environments, business groups, and role-based access control (RBAC) with enterprise-grade functionality. -
47
Fine-grained access control and visibility for centrally managing cloud resources. Identity and Access Management (IAM) lets administrators authorize who can take action on specific resources, giving you full control and visibility to manage Google Cloud resources centrally. For enterprises with complex organizational structures, hundreds of workgroups, and many projects, IAM provides a unified view into security policy across your entire organization, with built-in auditing to ease compliance processes. We recognize that an organization’s internal structure and policies can get complex fast. Projects, workgroups, and managing who has authorization to do what all change dynamically. IAM is designed with simplicity in mind: a clean, universal interface lets you manage access control across all Google Cloud resources consistently. So you learn it once, then apply everywhere.
-
48
SaaS Starter Kit
SaaS Starter Kit
SaaS Starter Kit is a modern, fully featured SaaS template designed to accelerate the development of Next.js applications. It incorporates a comprehensive suite of features, including subscription payments through Lemon Squeezy or Stripe, a complete authentication flow with magic email sign-in and social OAuth login, and subscription management via customer portals. The kit supports roles and permissions for fine-grained access control, and multi-tenancy allowing users to create organizations and invite team members, and a modern, SEO-optimized blog. Email workflows are streamlined using Resend and React Email, while the user interface is crafted with Shadcn and Tailwind CSS, ensuring easy customization and extension. The template is mobile-friendly, offers a fully integrated dark theme, and provides dedicated support through Discord or Reddit. Users benefit from lifetime free updates and extensive, up-to-date documentation, facilitating quick onboarding and codebase comprehension.Starting Price: $87 one-time payment -
49
AppScaler
XPoint Network
What does AppScaler CMS do? Managing, monitoring and reporting on growing distributed networks is increasingly complex and costly, AppScaler CMS allows you to manage one or more AppScaler devices from a single management server. AppScaler CMS provides organizations, distributed enterprises and service providers with a powerful and intuitive solution to centrally manage and rapidly deploy AppScaler devices and provides centralized, real-time monitoring and comprehensive application performance reporting. Central AppScaler Policy Management AppScaler CMS ensures governance and compliance with centrally managed configuration: Import the configuration from AppScaler device in one click. Comprehensive policy management on load balancing of each AppScaler device. Configuration backup and restore. AppScaler Firmware Upgrade Role-based access control. AppScaler CMS provides fine-grained, role-based access control with which you can grant access permissions. -
50
Keen
Keen.io
Keen is the fully managed event streaming platform. Built upon trusted Apache Kafka, we make it easier than ever for you to collect massive volumes of event data with our real-time data pipeline. Use Keen’s powerful REST API and SDKs to collect event data from anything connected to the internet. Our platform allows you to store your data securely decreasing your operational and delivery risk with Keen. With storage infrastructure powered by Apache Cassandra, data is totally secure through transfer through HTTPS and TLS, then stored with multi-layer AES encryption. Once data is securely stored, utilize our Access Keys to be able to present data in arbitrary ways without having to re-architect your security or data model. Or, take advantage of Role-based Access Control (RBAC), allowing for completely customizable permission tiers, down to specific data points or queries.Starting Price: $149 per month
