IAM Tools
Identity and Access Management solutions for identity governance, access control, authentication, privileged access management, and zero trust security.
Browse 918 iam tools
FEATURED
USE CASES
IoT device security platform for device identity lifecycle management
AI/ML module for device identity security and anomaly detection
Central mgmt platform for IoT device security lifecycle automation
Patented trust anchor tech using device hardware attributes for root of trust
Identity Attack Surface Management platform for AD security and attack paths
Smartphone-based digital identity tech for secure authentication and signing
Platform for managing and securing Non-Human Identities (NHIs)
Mobile authenticator app for MFA when signing into Claranet accounts
Device fingerprinting and intelligence for account security and fraud detection
Self-custody digital identity app for secure authentication and authorization
Identity and access management solution from BeyondTrust
Free identity security risk assessment service analyzing identity attack surfaces
Privileged Access Management solution from BeyondTrust
Open source authentication binding public keys to identities via SSO/OpenID
Mobile app for two-factor authentication token generation
Passwordless authentication platform using passkeys, biometrics, and SMS/email.
SSO platform enabling users to authenticate once across multiple applications
OAuth 2.0 authorization for browserless and input-constrained devices
Identity and access management platform for authentication and authorization
PAM quickstart solution for managing admin accounts and privileged access
AI-driven IAM services for identity governance, access mgmt, and compliance
PAM solution for managing and securing privileged access to systems
SSH key lifecycle management platform for visibility, automation, and control
Enterprise password manager with encryption and access control features
IAM Specializations
918 tools across 7 specializations · 51 free, 867 commercial
Certificate Lifecycle Management
Certificate lifecycle management tools for automated SSL/TLS certificate provisioning, renewal, and PKI management.
Identity Governance and Administration
Identity Governance and Administration (IGA) platforms for identity lifecycle management, access governance, role management, and compliance reporting.
Identity Threat Detection and Response
Identity Threat Detection and Response (ITDR) solutions for detecting identity-based attacks, credential theft, and compromised accounts in real-time.
IAM Tools FAQ
Common questions about IAM tools, selection guides, pricing, and comparisons.
IAM (Identity and Access Management) is the broad category covering all identity-related security. PAM (Privileged Access Management) specifically secures high-risk accounts like admin, root, and service accounts with session recording, just-in-time access, and credential vaulting. IGA (Identity Governance and Administration) focuses on access lifecycle management, certification reviews, and ensuring users only have the access they need.
If you have admin accounts, shared credentials, service accounts, or any users with elevated privileges, you need PAM. Standard IAM handles authentication and basic authorization, but PAM adds critical controls for privileged access: credential vaulting, session recording, just-in-time elevation, and break-glass procedures. Compromised privileged accounts are involved in the majority of serious breaches.
ITDR is an emerging category that detects attacks targeting identity infrastructure: credential theft, Kerberoasting, pass-the-hash, MFA bypass, and Active Directory attacks. While IAM and PAM focus on prevention (controlling who can access what), ITDR focuses on detection and response when identity-based attacks are in progress. It fills the gap between identity management and security operations.
Passwordless authentication (FIDO2, passkeys, biometrics) eliminates the password entirely, removing the most commonly attacked credential. Traditional MFA adds a second factor but still relies on passwords. Passwordless is more secure and provides better user experience, but requires compatible infrastructure. Start with FIDO2/passkey support for high-risk users and gradually expand across the organization.
